In association with heise online

11 February 2013, 12:36

"Intel Packet of Death" not Intel's problem

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Intel's 82574L (now cleared of blame) In the middle of last week, an engineer at a Florida provider of VoIP appliances made a disturbing observation. He discovered a network packet trace that reliably killed the software running on his company's Asterisk VoIP phone server. The packet does not crash the system though, instead it paralyses the network controller so much so that even a reboot will not return the interface to life. The system has to be powered down and disconnected from power for a short time to restore the network connection.

The network controller in question is the Intel 82574L which is mainly used on server boards. The technician called his discovery the "Intel packet of Death" and offered a guide on how to determine whether a user's hardware was affected. However, it quickly became clear that the developer of the "death packets" was the only one who could reproduce the problem. The H's associates at heise Security were also unable to reproduce the problem with the network interface chip on an Intel board.

Shortly afterwards, Intel published a statement, which made it clear that the actual Ethernet controller was not to blame. Instead, the issue concerns only a motherboard from a specific manufacturer who programmed an EEPROM incorrectly. According to Intel, a corrupted firmware image had been used. With onboard adapters, the firmware for the Ethernet controller usually comes from the flash chip that also stores the code of the BIOS or UEFI firmware. An update to the firmware of the Ethernet controller usually, therefore, comes in the form of a BIOS update.

The identity of the board manufacturer was not disclosed by Intel or in the "packet of death" discoverer's blog posting. But readers will find it in a Wired report, which says that Taiwanese manufacturer Lex CompuTech (which operates under the name Synertron Technology in the US) was the provider of the incorrectly flashed motherboard.

Correction: An earlier version of this story placed the VoIP provider in California.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit