oss-sec mailing list archives
Re: Malicious devices & vulnerabilties
From: Eugene Teo <eugene () redhat com>
Date: Mon, 09 Jan 2012 03:48:20 +0800
On 01/08/2012 07:19 PM, Florian Weimer wrote:
* Xi Wang:I am wondering where to draw the line. Should such device drivers be considered vulnerable or not? Thanks.I think they should be considered vulnerable. Some applications need some robustness to attacks even from the local console (e.g., student computer rooms). USB is also a popular transport in many air-gapped environments.
I would consider them vulnerable with low security impacts. If you are fixing such issues, do post them to the list. Thanks, Eugene
Current thread:
- Malicious devices & vulnerabilties Xi Wang (Jan 07)
- Re: Malicious devices & vulnerabilties Florian Weimer (Jan 08)
- Re: Malicious devices & vulnerabilties Eugene Teo (Jan 08)
- Re: Malicious devices & vulnerabilties Alistair Crooks (Jan 08)
- Re: Malicious devices & vulnerabilties Ludwig Nussel (Jan 09)
- Re: Malicious devices & vulnerabilties Alistair Crooks (Jan 09)
- Re: Malicious devices & vulnerabilties Eugene Teo (Jan 08)
- Re: Malicious devices & vulnerabilties Florian Weimer (Jan 08)
- Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
- Re: Malicious devices & vulnerabilties Eitan Adler (Jan 08)
- Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
- Re: Malicious devices & vulnerabilties Vasiliy Kulikov (Jan 09)
- Re: Malicious devices & vulnerabilties Kurt Seifried (Jan 08)
- Re: Malicious devices & vulnerabilties Florian Weimer (Jan 09)
- Re: Malicious devices & vulnerabilties Kurt Seifried (Jan 09)