4. How can I find out if my machine is vulnerable?
Any computer using Broadcom NetXtreme chips with ASF activated and configured is vulnerable. Users of such computers should apply the official patches (see 6). Other vendor cards and other cards models are not impacted by this vulnerability. Machines using Broadcom NetXtreme chips when ASF has never been configured (Requires to launch the Broadcom ASF configuration tool) are not vulnerable but patching is highly recommended.
5. How can I protect my computers from such an attack?
If your computer is vulnerable to this attack you can either (in order of preference):
- 1. apply the vendor patch (see 6) ;
- 2. deactivate ASF. This should be done using the Broadcom ASF Configuration tool and not by turning off ASF in the BIOS of the machine;
- 3. configure all your network packet-filters to filter UDP ports used by ASF (623 and 664).
Please note that some operating systems actually deactivate ASF at boot time. Some operating systems or hypervisors might also take advantage of hardware technologies such as Intel Vt-d and AMD I/OMMUs that would limit the impact of the attack.
Once it hits the fan, the only rational choice is to sweep it up, package it, and sell it as fertilizer.