Intel Information for VU#412115

Network device drivers reuse old frame buffer data to pad packets

Status

Affected

Vendor Statement

Intel has done a complete audit of our Ethernet drivers and determined that we have very limited exposure to the reported security hole. Here is a breakdown of our drivers and exposure:

Windows:

NDIS2       Version 3.2 of our NDIS2 driver resolves the vulnerability
NDIS3       No exposure to reported hole
NDIS4       No exposure to reported hole
NDIS5       No exposure to reported hole
NDIS5.1     No exposure to reported hole
ANS         No exposure to reported hole

OS/2:

NDIS2       Version 3.2 of our NDIS2 driver resolves the vulnerability

Novell:

ODI         Version 2.13 of our ODI driver resolves the vulnerability
C-Spec      No exposure to reported hole
ANS         No exposure to reported hole

Linux:

e100        No exposure to reported hole
e1000       No exposure to reported hole
ANS         No exposure to reported hole

SCO:

SCO5.x      No exposure to reported hole
UW7.x       No exposure to reported hole
UW8         No exposure to reported hole

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.