Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
   Compare ISP   Rate your ISP
   Glossary   Glossary
Please login or register.

Login with username, password and session length
Advanced search  


Author Topic: Intel Coughs to Puma CPU Flaw that Hit Virgin Media Hub 3 Router  (Read 527 times)


  • Content Team
  • Kitizen
  • *
  • Posts: 2023

After nearly two years Intel has finally published an advisory and formal CVE entry for a flaw in their Puma 5, 6 and 7 chipsets that resulted in various broadband ISP routers, such as Virgin Media UK’s Hub 3.0 (ARRIS TG2492S/CE), suffering from a mix of latency spikes and a DDoS security vulnerability.

The new advisory (INTEL-SA-00097) and related CVE (CVE-2017-5693) simply states, “Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which allows a network attacker to create a denial of service via crafted network traffic” and that “currently, we are not aware of any working exploits” (credits to The Register for spotting).

At the root of all this is the fact that the somewhat weak CPU (processor) inside the modem component of Virgin’s router (Puma 6) was taking on too much work while processing network packets, which caused the chipset to run a high-priority maintenance task every few seconds. Sadly this extra workload ended up causing momentary latency spikes (increases of 200 milliseconds+), plus a little packet loss.

Suffice to say that fans of fast paced multiplayer games and other time sensitive internet apps quickly noticed the resultant lag (high pings), which as Intel has suggested could separately also make the chipset more vulnerable to Distributed Denial of Service (DDoS) style attacks.

We first reported on this issue all the way back in 2016, although Virgin Media only began deploying a related firmware fix (v9.1.116.603 or .608) for a limited number of their Hub 3.0 users earlier this year. In fairness Liberty Global chose the hardware for VM and both had to wait awhile for Intel’s suggested solution before they could even begin testing the fix, which was a significant change and thus took time to trial.

The partial fix involved shifting some of the workload away from the CPU (we think the AR9382 comms chip takes it on) and did a few other things to improve the situation, which resolved a fair bit of the underlying problem. But the last update we received in June 2018 suggested that Virgin Media had only distributed this firmware to a number of trial users and customers’ on their top 350Mbps tier (formerly 300Mbps).
BT Infinity 2 - Smart Hub 6 - ECI Cab


  • Addicted Kitizen
  • *****
  • Posts: 8286
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: Intel Coughs to Puma CPU Flaw that Hit Virgin Media Hub 3 Router
« Reply #1 on: August 14, 2018, 12:16:23 PM »

I could perhaps volunteer to speed it up.  ;D  Doing that to machine code is my passion. I have gone bonkers with some radical speed ups in the distant past. Sometimes of course you can't do much if the code is too good already or if there are external factors that you cannot control.