oss-sec mailing list archives

Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2

From: Jeremy Stanley <fungi () yuggoth org>
Date: Thu, 22 Aug 2019 18:02:14 +0000

On 2019-08-22 13:57:53 -0400 (-0400), Perry E. Metzger wrote:

Are these even realistic?   If I'm going to leave malicious
USB devices in the parking lot for mischief am I going to rely
on the unknown victim running a Linux distro with the
requisite kernel modules or am I going to just drop a cheap
and near-universal USB killer?


Android phones run Linux. People routinely plug those phones in to USB
charging stations in airports, on airplanes, at booths in public
places, etc.


Exploitation of which is commonly referred to as "juice jacking"[*]
and has led to a booming demand for "USB condoms" lately.

[*] https://en.wikipedia.org/wiki/Juice_jacking
-- 
Jeremy Stanley

Attachment: signature.asc
Description:

Current thread:

Linux kernel: multiple vulnerabilities in the USB subsystem x2 Andrey Konovalov (Aug 20)
- Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Eric Biggers (Aug 21)
- Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 John Haxby (Aug 22)
  - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Marcus Meissner (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 John Haxby (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Andrey Konovalov (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Greg KH (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Brad Spengler (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Greg KH (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Perry E. Metzger (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Jeremy Stanley (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 John Haxby (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Kurt H Maier (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Eddie Chapman (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Perry E. Metzger (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Eddie Chapman (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Mathias Payer (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Stuart D. Gathman (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Perry E. Metzger (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Eddie Chapman (Aug 22)
    - Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2 Greg KH (Aug 23)

(Thread continues...)