Despite being informed six months ago of a potentially serious security hole that may exist in Ethernet device drivers, many leading software and hardware manufacturers have yet to indicate whether their products contain the vulnerability. The vulnerability concerns the way . . .
Despite being informed six months ago of a potentially serious security hole that may exist in Ethernet device drivers, many leading software and hardware manufacturers have yet to indicate whether their products contain the vulnerability. The vulnerability concerns the way in which NIC (network interface card) device drivers transmit data from one machine to another on a Ethernet network.

According to standards published by the Institute of Electrical and Electronics Engineers (IEEE), streams of information sent over an Ethernet network should be organized into "frames" that are at least 46 bytes long.

In some instances where higher layer protocols such as IP (Internet Protocol) provide packet data that is less than 46 bytes long, the software device drivers are supposed to fill in the empty space in the Ethernet frame with unusable data -- a process known as "padding" the frame.

The link for this article located at LinuxWorld.com.au is no longer available.