Potential vulnerability in the Intel® Ethernet Controller X710 and XL710 product families

Intel ID:  INTEL-SA-00052
Product family:  Intel® Ethernet Controller X710 and XL710 Product Families
Impact of vulnerability Denial of Service
Severity rating Important
Original release:  May 31, 2016
Last revised:  May 31, 2016
Summary: 

A vulnerability was identified in the Intel Ethernet Controller X710 and XL710 product family NVM image v5.02 and v5.03.  Intel released an update to mitigate this issue on 31MAY2016.

Description: 

Intel has found a security vulnerability in the v5.02 and v5.03 release of the NVM images for the Intel® Ethernet Controller X710 and XL710 family.  Intel has released a v5.04 NVM image to mitigate this issue.  This update is available to customers through the Intel Download Center.

Affected products: 

Adapter Product

MM#

Order Code

Current Available Firmware Version

Mitigation Available on Intel Download Center:

Intel® Ethernet Converged Network Adapter X710-DA2

944042

EX710DA2G1P5

v5.02

 

 

 

 

 

 

 

 

For the v5.04 firmware update please use the Network Update Tool available from the Intel Download Center at (https://downloadcenter.intel.com/download/24769)

 

Intel® Ethernet Converged Network Adapter X710-DA2

945034

X710DA2G2P5

v5.02

Intel® Ethernet Converged Network Adapter X710-DA2

933217

X710DA2BLK

v5.02

Intel® Ethernet Converged Network Adapter X710-DA2

933206

X710DA2

v5.02

Intel® Ethernet Converged Network Adapter X710-DA2

933227

X710DA2G1P5

v5.02

Intel® Ethernet Converged Network Adapter X710-DA4

944040

EX710DA4FHG1P5                       

v5.02

Intel® Ethernet Converged Network Adapter X710-DA4

944041

EX710DA4G1P5

v5.02

Intel® Ethernet Converged Network Adapter X710-DA4

945033

X710DA4G2P5

v5.02

Intel® Ethernet Converged Network Adapter X710-DA4

945062

X710DA4FHG2P5

v5.02

Intel® Ethernet Converged Network Adapter X710-DA4

932576

X710DA4FHBLK

v5.02

Intel® Ethernet Converged Network Adapter X710-DA4

932575

X710DA4FH

v5.02

Intel® Ethernet Converged Network Adapter X710-DA4

932574

X710DA4G1P5

v5.02

Intel® Ethernet Converged Network Adapter X710-DA4

932577

X710DA4FHG1P5

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA1

943445

EXL710QDA1G1P5                       

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA1

945035

XL710QDA1G2P5

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA1

932584

XL710QDA1BLK

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA1

932583

XL710QDA1

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA1

932585

XL710QDA1G1P5

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA2

943446

EXL710QDA2G1P5

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA2

945036

XL710QDA2G2P5

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA2

932587

XL710QDA2BLK

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA2

932586

XL710QDA2

v5.02

Intel® Ethernet Converged Network Adapter XL710-QDA2

932588

XL710QDA2G1P5

v5.02

Intel Ethernet I/O Module XL710-QDA2

933743

AXX2P40FRTIOM

v5.02

Intel Ethernet I/O Module XL710-QDA1

933742

AXX1P40FRTIOM

v5.02

Intel® Ethernet Controller X710-AM2

936553

SR1ZP

V5.02/v5.03

Intel® Ethernet Controller X710-AM2

936554

SR1ZQ

V5.02/v5.03

Intel® Ethernet Controller X710-BM2

947361

SLLKC

V5.02/v5.03

Intel® Ethernet Controller X710-BM2

947359

SLLKB

V5.02/v5.03

Intel® Ethernet Controller XL710-AM1

936551

SR1ZM

V5.02/v5.03

Intel® Ethernet Controller XL710-AM1

936552

SR1ZN

V5.02/v5.03

Intel® Ethernet Controller XL710-BM1

947353

SLLKA

V5.02/v5.03

Intel® Ethernet Controller XL710-BM1

947351

SLLK9

V5.02/v5.03

Intel® Ethernet Controller XL710-AM2

936549

SR1ZK

V5.02/v5.03

Intel® Ethernet Controller XL710-AM2

936550

SR1ZL

V5.02/v5.03

Intel® Ethernet Controller XL710-BM2

947349

SLLK8

V5.02/v5.03

Intel® Ethernet Controller XL710-BM2

947348

SLLK7

V5.02/v5.03

Recommendations: 

Intel highly recommends that customers of the affected products obtain and apply the updated versions of the NVM image through the Intel Download Center at (https://downloadcenter.intel.com/download/24769).

Revision history: 

Revision
Date
Description
1.0
31-May-2016
Initial Release


Disclaimer:

INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” IN CONNECTION WITH INTEL® PRODUCTS. YOUR USE OF THE INFORMATION IN THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. INTEL RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. EXCEPT AS PROVIDED IN INTEL’S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT.



Reporting a security issue

If you have information about a security issue or vulnerability with an Intel product, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

For issues related to Intel managed open source projects, please visit http://www.01.org/security.

Please provide as much information as possible, including:

  • The products and versions affected
  • Detailed description of the vulnerability
  • Information on known exploits

  • A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

  • Vulnerability handling guidelines

  • Need product support?
    The secure@intel.com e-mail address should only be used for reporting security issues.

    If you...
  • Have questions about the security features of an Intel product
  • Require technical support
  • Want product updates or patches

  • Please visit Support & Downloads.