Re: [PATCH] r8169: offical fix for CVE-2009-4537 (overlength frameDMAs)

[Ben Hutchings]

On Mon, 2010-03-29 at 15:09 -0700, David Miller wrote:
> From: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
> Date: Mon, 29 Mar 2010 23:01:45 +0100
> 
> > It also sucks that the secure but low-performance behaviour is enabled
> > for all variants, while AIUI only some suffer from the bug.  I realise
> > you probably don't have access to every variant (and neither does
> > Francois) but perhaps you could come up with a test case that could be
> > used to start whitelisting common variants that don't have the bug?
> 
> As far as we know all chip variants seem to have the problem.

That's not what I understood from the discussion of the early
back-and-forth changes to receive buffer size.

> Furthermore, this issue has been known about and investigated for
> about 3 months.  In that time no better options for handling this
> issue reliably have been discovered and implemented.
>
> Feel free to code up (and test) something better yourself if you don't
> like the fix as it exists currently. :-)

I would have had a go already, if I actually had some of this hardware
to hand.  Luckily I have managed to avoid buying any so far.  But if
anyone is prepared to loan me a NIC then I promise to have a go at it.

Ben.

-- 
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.

Attachment: signature.asc
Description: This is a digitally signed message part