Chip giant Intel has released a statement regarding a bug discovered in its 82574L Ethernet controller that left it vulnerable to a "packet of death," describing it as "isolated to a specific manufacturer."
The bug was discovered by Star2Star's chief technology officer Kristian Kielhofner after customers began reporting that the company's hardware was experiencing random crashes. Following an extensive investigation, Kielhofner eventually narrowed down the problem to Intel's 82574L Ethernet controller.
Kielhofner discovered that when the Ethernet controller encountered a specific packet, which was being innocently generated by VoIP hardware, it would crash the controller, and lock it up until it was rebooted.
Kielhofner took things a step further, and used a modified HTTP server configured to generate the "packet of death" which could be used to kill client machines behind firewalls.
However, Intel says that after conducting an investigation of the problem, it has found that the problem was not a design problem with the 82574L Ethernet controller itself, but instead it is "an implementation issue isolated to a specific manufacturer."
"Intel root caused the issue to the specific vendor's motherboard design where an incorrect EEPROM image was programmed during manufacturing," writes Douglas Boom on Intel's Wired Ethernet blog. "We communicated the findings and recommended corrections to the motherboard manufacturer. "
The specific manufacturer has not been identified by Intel, but the company suggests that anyone affected by the problem should contact their motherboard manufacturer for details of how to correct the problem.