Intel Issues Firmware Fix for Cable Modem Chips
Intel Corp. has finally gotten around to releasing a new set of firmware that plugs a security hole in chips that have been powering three generations of DOCSIS cable modems and gateways.
According to an Intel Corp. (Nasdaq: INTC) security center advisory with a severity rating of "Important," the chipmaker, on July 31, issued new firmware for retail and MSO-supplied cable modems that fixes a vulnerability that could leave cable modems exposed to denial-of-service (DoS) attacks.
According to Intel, the issue impacted a family of DOCSIS modems and gateways that were powered by the Puma 5, Puma 6 and Puma 7 series of chips. The Puma 5 and 6 are for DOCSIS 3.0 modems, while the newer Puma 7 was developed for the newer DOCSIS 3.1 spec. With an eye toward network migrations, D3.1 modems are hybrids in the sense that they can support both DOCSIS 3.0 and DOCSIS 3.1 network traffic.
Intel has been asked for more color on how quickly it will deploy the new firmware, but noted on the advisory, spotted by The Register, that it is working with both ISPs and makers of retail devices to distribute updated firmware that mitigates the issue.
The issue? A hole in the firmware in modems with those Intel Puma chipsets were vulnerable to "resource depletion or timeout, which allows a network attacker to create a denial of service via crafted network traffic," Intel explained.
Update: Intel said it can't comment on deployment timelines of the firmware update to end users, as system manufacturers and ISPs will deliver the updates to their customers directly.
The security issue caused some vendors that use Intel chips to reach for the Excedrin. Arris Group Inc. (Nasdaq: ARRS) and Netgear Inc. (Nasdaq: NTGR), for example, found themselves on the pointy end of lawsuits complaining about network latency and jitter defects in some models.
Last March, a consumer in California named Carlos Reyna filed a class action against Arris in the US Northern District Court, Northern District of California, alleging that the company's SURFboard SB6190 DOCSIS 3.0 modem running the Puma 6 was defective and that Arris had failed to announce a recall on the model or otherwise offer to repair or replace it. In its recent 10-Q, Arris noted that other state court complaints have been filed but are stayed pending the outcome of the California court action.
A similar case in the same court against Netgear over its CM700 DOCSIS 3.0 modem (which also uses Intel chips) involving three other plaintiffs was dismissed with prejudice last August.
Those Arris and Netgear models all received DOCSIS certification from CableLabs , but the Colorado-based R&D house tests for interoperability, not individual product performance and the issue discovered in the Intel firmware.
For its part, Linksys posted a notification last May that the vulnerability in Intel chips affects several of its modem and gateway models. While the issue could allow someone to slow or stop access on modems with those chips, the issue doesn't pose a risk of data loss or allow someone to access the user's home network, Linksys said.
The new firmware should remove a technical overhang on Intel's cable modem chip business. Intel, which competes in the DOCSIS arena with Broadcom, entered the cable modem game in earnest in 2010 when it acquired that business from Texas Instruments. (See Intel Snares TI's Cable Modem Business.)
Jeff Heynen, consulting director at SNL Kagan , estimates that Broadcom has 60% of the DOCSIS CPE chipset market, and the remaining 40% with Intel.
Most cable modem and gateway makers tend to create versions of products that use both Intel and Broadcom chips, he said. An exception is Hitron Technologies Inc. , which uses Intel silicon in its DOCSIS CPE.
MSOs similarly try to avoid vendor lock-in. Comcast Corp. (Nasdaq: CMCSA, CMCSK), for example, uses Arris/Intel and Technicolor (Euronext Paris: TCH; NYSE: TCH)/Broadcom combos for its new line of DOCSIS 3.1 gateways.
— Jeff Baumgartner, Senior Editor, Light Reading