Hi,
we bought an X710-DA2 (the bulk version, X710DA2BLK, 933217) a few days ago, and I'm unable to perform a firmware update on the card.
The card came with firmware 4.53 (0x80001e5b, 1.1747.0), and I've tried all available firmware versions now, from 4.42 downgrade over 4.53, 5.02 up to 6.01, both the EFI versions and the Linux versions (with both Archlinux 2017-09 and CentOS 7.4). Without any exception, all available updates either segfault or give me the status "Update not available" for the card. The only thing that I have been able to update is the boot agent.
In case it matters: I've tried to perform the updates using a Dell Optiplex 7020, which has an Intel I217-LM onboard NIC. I have also tried disabling the onboard NIC in the BIOS for some of my update attempts, but that didn't help either.
Not updating the firmware is not an option given the fact that Intel seems have to managed to manufacture a 300€ NIC with a built-in DoS vulnerability:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00052&languageid=en-fr
Bonus: According to the sticker on the PCB, the card was manufactured in December 2017 - this is more than half a year after the above-mentioned security advisory was published on Intel's own website. Why on earth do you even ship NICs with such an outdated firmware with known security vulnerabilites?
So far, of the things that I have tested, the only things that seem to be actually working properly are the update process for the boot agent and the laughable restriction to overprized Intel SFP+ modules.
I'm pretty underwhelmed to say the least.