Kernel panic in xt_TCPMSS.c at tcpmss_mangle_packet+0xef
Issue
- system outage in xt_TCPMSS.c
- core dumps inside iptables rule
- Kernel panic with backtrace similar to:
[exception RIP: tcpmss_mangle_packet+0xef]
...
#10 [ffff88103fb03920] tcpmss_mangle_packet at ffffffffa04c5214 [xt_TCPMSS]
#11 [ffff88103fb03970] tcpmss_tg4 at ffffffffa04c56cc [xt_TCPMSS]
#12 [ffff88103fb039a8] ipt_do_table at ffffffffa00e3cb0 [ip_tables]
#13 [ffff88103fb03af0] iptable_mangle_hook at ffffffffa0495043 [iptable_mangle]
#14 [ffff88103fb03b30] nf_iterate at ffffffff815a6360
#15 [ffff88103fb03b70] nf_hook_slow at ffffffff815a6448
#16 [ffff88103fb03ba8] ip_local_deliver at ffffffff815b0762
#17 [ffff88103fb03c00] ip_rcv_finish at ffffffff815b00aa
#18 [ffff88103fb03c28] ip_rcv at ffffffff815b0a36
Environment
- Red Hat Enterprise Linux 7.4 or earlier
- Red Hat Enterprise Linux 6.9 or earlier
- iptables firewall
- Netfilter module
xt_TCPMSS
- Netfilter module
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.