Facepalm: Apple's macOS appears to be affected by a kernel-level bug that blocks new network connections if a device remains continuously operational for 49 days. Apple has not yet released an official fix, but restarting the affected device temporarily resolves the issue, allowing users to reconnect to any network. However, the workaround only lasts another 49 days before the bug reoccurs.
The issue is reportedly caused by a 32-bit integer overflow in the macOS XNU kernel and is linked to how the system uses a TCP/IP variable to track TCP timestamps in milliseconds since the system booted.
Researchers at Photon explained that a 32-bit integer can hold a maximum value of 4,294,967,295. Because macOS measures timestamps in milliseconds, this limit is reached after 49 days, 17 hours, 2 minutes, and 47.296 seconds of continuous operation.
Once the TCP/IP integer reaches its maximum value, the counter rolls over to zero as expected. However, the monotonicity guard – designed to prevent overflow – also blocks the internal clock from restarting at zero, effectively freezing the TCP timestamp clock. This prevents the system from cleaning up old TIME_WAIT connections, allowing dead connections to remain open indefinitely, consuming all available ephemeral ports and causing the TCP/IP stack to block all new connections.
With all new TCP connections blocked, users are unable to open new websites or start video calls. Existing connections continue to work normally because they already have assigned ports. ICMP (ping) also functions, since it does not use TCP ports or the TCP timer subsystem. Interestingly, the fact that ping requests and existing TCP connections continued working confused researchers and made diagnosing the problem more difficult.
As with many issues in modern operating systems, this TCP/IP bug temporarily disappears after a reboot, but returns if the device remains powered on for another 49 days. No official fix is currently available, though Apple is expected to release a patch to address the problem. In the meantime, the Photon research team says they are developing a workaround that mitigates the issue without requiring a restart.