Intel Ethernet controller vulnerable to 'packet of death'

Post Reply
Message
Author
User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

Intel Ethernet controller vulnerable to 'packet of death'

#1 Post by Flash »

Intel 82574L Ethernet controller vulnerable to 'packet of death'
Kielhofner has posted a test page that allows system admins to test to see if their equipment is vulnerable.
Fixing:

As news of this issue spreads further some controllers are affected and some aren't. That's more or less what I expected. Here's what I know about fixing this.

It has been my understanding that Intel provides at least two EEPROM versions for this chip: one with BMC enabled and one without. My controllers do not have BMC enabled, therefore my fix only applies to non-BMC enabled controllers. This is unfortunate because the BMC enabled controllers seem to be much more widely used. Even with that other than the very basics (MAC address and checksum) I don't know the meaning of these values. Another reason not to reprogram the EEPROM on your NIC based on what some guy on the internet told you.

With that being said here is a diff between an affected EEPROM and a good EEPROM:

Offset Values

-0x0010: ff ff ff ff 6b 02 00 00 86 80 d3 10 ff ff 5a c0
+0x0010: 01 01 ff ff 6b 02 d3 10 d9 15 d3 10 ff ff 58 85

-0x0030: c9 6c 50 31 3e 07 0b 46 84 2d 40 01 00 f0 06 07
+0x0030: c9 6c 50 21 3e 07 0b 46 84 2d 40 01 00 f0 06 07

-0x0060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
+0x0060: 20 01 00 40 16 13 ff ff ff ff ff ff ff ff ff ff

Where the "-" lines were the bad EEPROM and the "+" lines were the good EEPROM.

Under Linux you can view these values with ethtool:

# ethtool -e [interface]
Precise Puppy has ethtool. :)

Post Reply