Flaw in Intel Ethernet controller exposes to ‘packet of death’ attack

The hardware qualification is a very important issue, recent vulnerabilities discovered in network appliances of various manufacturer have alerted security community once again on the necessity to validate the hardware especially for large consume product.

The last news is related to a vulnerability related to the Intel’s 82574L Ethernet controller that expose equipment to risk of “packet of death.” Attack.
intelStar2Star‘s chief technology officer Kristian Kielhofneridentified the cause of the problems after customers experienced random crashes. Researchers at Star2Star after the analysis of lot traffic identified the cause of the problem in the format of a packet managed by a particular VoIP manufacturer.
But as yet it is unclear how widespread the problem is or how other Intel hardware is affected.
Kielhofner, wrote: “The system and Ethernet interfaces would appear fine,” “and then after a random amount of traffic the interface would report a hardware error (lost communication with PHY) and lose link. Literally the link lights on the switch and interface would go out. It was dead.
“Nothing but a power cycle would bring it back. Attempting to reload the kernel module or reboot the machine would result in a PCI scan error. The interface was dead until the machine was physically powered down and powered back on. In many cases, for our customers, this meant a truck roll.”
Problem packets had just the right Call-ID, tags, and branches to cause the ‘2’ in the ptime to line up with 0x47f.
The problem is very insidious, Kielhofner’s team was able to create packets and target them at particular systems.
With a modified HTTP server configured to generate the data at byte value (based on headers, host, etc.) you could easily configure an HTTP 200 response to contain the packet of death – and kill client machines behind firewalls!
Kielhofner has posted a test page that allows system admins to test to see if their devices are vulnerable, meantime his team is working with Intel to produce a fix for the bug.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

  • Blog Stats

    • 11,204 hits
  • Upcoming Events

    No upcoming events

%d bloggers like this: