Subject: Re: Ethernet vulnerabilty [CERT vulnerability note VU#412115]
To: Brian Chase <firstname.lastname@example.org>
From: Lord Isildur <email@example.com>
Date: 01/09/2003 15:38:12
of course, it will vary from driver to driver. just quickly grepping for
'pad' yields a few comments about padding, mostly mentioning when various
devices dont do it automatically.. in smc83c170.c i get the impression
that it doesnt actually clear the extra space, just setting the packet
size to the larger value.. in midway.c, which is pretty verbose, as far
as i can tell it bzero()s the padding. in elink3.c, it mentions some
cards doing auto-padding, but then does what at first glance seems to be
padding (with zeroes) if it needs it. smc91cxx.c pads with zeroes.
if_iy.c pads with zeroes also.
it seems that more interfaces auto-pad than dont. (i get that impression
from the tulip/de*, lance, hme).. i just took a quick tour grepping for
anyone more familiar than i am with the drivers would probably get better
On Thu, 9 Jan 2003, Brian Chase wrote:
> The CERT site lists the status of NetBSD's drivers with respect to this
> vulnerablity as "unknown". Does anyone know whether our ethernet
> drivers suffer from the the listed vulnerability?
> The above url details the problem.