Subject: Re: Ethernet vulnerabilty [CERT vulnerability note VU#412115]
To: Brian Chase <>
From: Lord Isildur <>
List: tech-kern
Date: 01/09/2003 15:38:12
of course, it will vary from driver to driver. just quickly grepping for 
'pad' yields a few comments about padding, mostly mentioning when various 
devices dont do it automatically.. in smc83c170.c i get the impression 
that it doesnt actually clear the extra space, just setting the packet 
size to the larger value.. in midway.c, which is pretty verbose, as far 
as i can tell it bzero()s the padding. in elink3.c, it mentions some 
cards doing auto-padding, but then does what at first glance seems to be 
padding (with zeroes) if it needs it. smc91cxx.c pads with zeroes. 
if_iy.c pads with zeroes also. 
it seems that more interfaces auto-pad than dont. (i get that impression 
from the tulip/de*, lance, hme).. i just took a quick tour grepping for 
anyone more familiar than i am with the drivers would probably get better
results :) 


On Thu, 9 Jan 2003, Brian Chase wrote:

> The CERT site lists the status of NetBSD's drivers with respect to this
> vulnerablity as "unknown".  Does anyone know whether our ethernet
> drivers suffer from the the listed vulnerability?
> The above url details the problem.
> -brian.