Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

National Semiconductor Corporation Information for VU#412115

Date Notified:2003-01-09
Date Updated:
Statement Date:
Status Summary:Not Vulnerable

Vendor Statement

National Semiconductor manufactures a number of Ethernet controller chips, both for 100 Mbps and Gigabit Ethernet. Specifically these chips are used by our customers to create Ethernet adapter and LAN on Motherboard (LOM) products. In addition some of the MAC controller cores are integrated into other silicon products National produces. The base product line is as follows:

    DP83815 100 Mbps Ethernet MAC/PHY
    DP83816 100 Mbps Ethernet MAC/PHY
    DP83820 1000 Mbps Ethernet MAC

We have evaluated our MAC cores to determine their vulnerability to the issue that your report raised. We have found that our products properly pad short frames with 00's. However we did find that it is possible that from 1 - 7 bytes following the end of actual frame data may contain byte data from that same frame. All bytes following this alignment padding, however, will be 00's. Because the non-zero data comes from the same frame, this does not represent a security problem. Future Ethernet MAC products from National Semiconductor will not duplicate data and will 00 out all padding on short frames.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information