After nearly two years Intel has finally published an advisory and formal CVE entry for a flaw in their Puma 5, 6 and 7 chipsets that resulted in various broadband ISP routers, such as Virgin Media UK’s Hub 3.0 (ARRIS TG2492S/CE), suffering from a mix of latency spikes and a DDoS security vulnerability.
The new advisory (INTEL-SA-00097) and related CVE (CVE-2017-5693) simply states, “Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which allows a network attacker to create a denial of service via crafted network traffic” and that “currently, we are not aware of any working exploits” (credits to The Register for spotting).
At the root of all this is the fact that the somewhat weak CPU (processor) inside the modem component of Virgin’s router (Puma 6) was taking on too much work while processing network packets, which caused the chipset to run a high-priority maintenance task every few seconds. Sadly this extra workload ended up causing momentary latency spikes (increases of 200 milliseconds+), plus a little packet loss.
Advertisement
Suffice to say that fans of fast paced multiplayer games and other time sensitive internet apps quickly noticed the resultant lag (high pings), which as Intel has suggested could separately also make the chipset more vulnerable to Distributed Denial of Service (DDoS) style attacks.
We first reported on this issue all the way back in 2016 (here), although Virgin Media only began deploying a related firmware fix (v9.1.116.603 or .608) for a limited number of their Hub 3.0 users earlier this year (here). In fairness Liberty Global chose the hardware for VM and both had to wait awhile for Intel’s suggested solution before they could even begin testing the fix, which was a significant change and thus took time to trial.
The partial fix involved shifting some of the workload away from the CPU (we think the AR9382 comms chip takes it on) and did a few other things to improve the situation, which resolved a fair bit of the underlying problem. But the last update we received in June 2018 suggested that Virgin Media had only distributed this firmware to a number of trial users and customers’ on their top 350Mbps tier (formerly 300Mbps).
Recently some Virgin Media customers have also claimed that the fix may be negatively impacting their WiFi performance (perhaps not too surprising given how the load has been switched around inside), but as we’ve said before there’s a limit to what the ISP or Intel can do about all this (underpowered hardware) and others report no such issues.
Advertisement
VM Customer Spitfire16 said:
“I have also seen a degrade in WiFi Performance since the 608 patch.”
VM Customer OllieNZ said:
“608 also destroyed my WIFI. I was already running some experiments to compare the SH3 to an old Asus RT-N66U and the 9 year old Asus consistently out performed the SH3 both in signal strength (at least 10dbm greater all throughout the house) and quality/stability. Then the update hit and destroyed the WIFI, it was barely usable from any more than 10ft away.”
Generally it’s always been best to stick the Hub 3.0 into modem-only mode and then use another router for handling the WiFi / home networking. Hopefully Virgin’s future Hub 4.0 router (SuperHub v4), whenever it turns up, will make use of better hardware to help move on from issues like this.
In the meantime we have requested an update from Virgin Media on the status of their firmware fix deployment and will amend this article once that arrives.
UPDATE 22nd August 2018
After much prompting we’ve finally heard back from Virgin Media on the status of their Hub 3.0 latency fix. The operator notes that their .608 firmware code has now been rolled out to around 90% of their base and they’ll push the upgrade to the remaining units in the “coming weeks“.
Advertisement
Virgin added that there have been no major performance issues identified in trials and pilot, although a small volume of post-rollout issues have been reported to their CPE (router) team and are being assessed at present.
Comments are closed