oss-sec mailing list archives
Re: Malicious devices & vulnerabilties
From: Greg KH <greg () kroah com>
Date: Sun, 8 Jan 2012 09:07:25 -0800
On Sat, Jan 07, 2012 at 06:01:46PM -0500, Xi Wang wrote:
Hi, In general driver code trusts hardware devices and often doesn't validate the data they respond with. But how about USB devices that an attacker could plug into a victim's computer? For example, an attacker may craft a USB device with a long product name to cause a buffer overflow (CVE-2011-0712). http://www.openwall.com/lists/oss-security/2011/02/16/5 http://twitter.com/#!/mwrlabs/status/44814759396249600 Here is another possible bug in the USB audio format parser I tried to report upstream. https://lkml.org/lkml/2012/1/4/215 I am wondering where to draw the line. Should such device drivers be considered vulnerable or not? Thanks.
They should be considered buggy, yes, and as such, the kernel developers will fix any reported problems (or we should, if not, please let me know.) But note, as these almost always fall under the "you have physical access" category, their security impact is generally considered low. thanks, greg k-h
Current thread:
- Re: Malicious devices & vulnerabilties, (continued)
- Re: Malicious devices & vulnerabilties Alistair Crooks (Jan 08)
- Re: Malicious devices & vulnerabilties Ludwig Nussel (Jan 09)
- Re: Malicious devices & vulnerabilties Alistair Crooks (Jan 09)
- Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
- Re: Malicious devices & vulnerabilties Eitan Adler (Jan 08)
- Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
- Re: Malicious devices & vulnerabilties Vasiliy Kulikov (Jan 09)
- Re: Malicious devices & vulnerabilties Kurt Seifried (Jan 08)
- Re: Malicious devices & vulnerabilties Florian Weimer (Jan 09)
- Re: Malicious devices & vulnerabilties Kurt Seifried (Jan 09)
- Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
- Re: Malicious devices & vulnerabilties Hanno Böck (Jan 08)
- Re: Malicious devices & vulnerabilties Eugene Teo (Jan 08)