Sun Microsystems, Inc. Information for VU#412115

Network device drivers reuse old frame buffer data to pad packets



Vendor Statement

Sun is investigating its network device drivers in order to determine if they are affected by this issue of reusing old frame buffer data to pad
packets. A list of interfaces which have completed investigation thus far is as follows:

    Interface Name                                  Vulnerable?
    ce(7D) - Cassini Gigabit-Ethernet                   No
    dmfe(7D) - Davicom Fast Ethernet                    No
    elxl(7D) - 3Com EtherLink XL/Server                 Yes
    eri(7D) - eri Fast-Ethernet                         No
    ge(7D) - GEM Gigabit-Ethernet                       No
    iprb(7D) - Intel 82557, 82558,                      No
              82559-controlled Ethernet
    le(7D) - Am7990 (LANCE) Ethernet                    Yes
    pcelx(7D) - 3COM EtherLink III PCMCIA Ethernet      No
    qfe(7D) - Quad Fast-Ethernet                        No
Additional interfaces are under investigation. A complete listing along with patch details for affected interfaces will be provided in a Sun Alert to be published soon.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.