National Semiconductor Corporation Information for VU#412115

Network device drivers reuse old frame buffer data to pad packets


Not Affected

Vendor Statement

National Semiconductor manufactures a number of Ethernet controller chips, both for 100 Mbps and Gigabit Ethernet. Specifically these chips are used by our customers to create Ethernet adapter and LAN on Motherboard (LOM) products. In addition some of the MAC controller cores are integrated into other silicon products National produces. The base product line is as follows:

    DP83815 100 Mbps Ethernet MAC/PHY
    DP83816 100 Mbps Ethernet MAC/PHY
    DP83820 1000 Mbps Ethernet MAC

We have evaluated our MAC cores to determine their vulnerability to the issue that your report raised. We have found that our products properly pad short frames with 00's. However we did find that it is possible that from 1 - 7 bytes following the end of actual frame data may contain byte data from that same frame. All bytes following this alignment padding, however, will be 00's. Because the non-zero data comes from the same frame, this does not represent a security problem. Future Ethernet MAC products from National Semiconductor will not duplicate data and will 00 out all padding on short frames.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.