oss-sec mailing list archives
Re: Re: CVE Request: Linux kernel crash of OHCI when plugging in malicious USB devices
From: Marcus Meissner <meissner () suse de>
Date: Mon, 22 Aug 2016 17:24:49 +0200
Hi,

This seems a bit sore topic, and Mitre does not want to chime in.

Perhaps we need to add more criteria to select CVE assignment.

- simple DOS (e.g. NULL ptr dereference) when plugging in: No CVE
- code execution (use after free, write overflows) when plugging in: Assign CVE

That said, this leaves malicious USB devices posing as regular keyboards for text injection unclassified ...

Ciao, Marcus

On Thu, Aug 18, 2016 at 09:50:24PM +0200, Willy Tarreau wrote:
> On Thu, Aug 18, 2016 at 08:16:27PM +0200, Adam Maris wrote:
> > Attacker doesn't necessarily need to have physical access to USB port. He can somehow hand USB off to the victim that will with good intentions stick it to his USB port, unexpectedly causing kernel panic. Difference is that one probably wouldn't pour glue or corrosive liquid into his USB port believing that nothing bad will happen.
>
> Well, it happened to me when I was a kid, with a PS/2 port. I handed off a device to someone of trust to connect to the PS/2 port and parallel port. (PS/2 to pick the +5V). I wired it wrong and the motherboard died, as amazing as it seems and the person didn't find it fun as it was not his PC. So yes it can be done even without suspecting.
>
> It's easy to do whatever you want using a USB stick. You can use the 3W it provides to charge a 300V capacitor and discharge it on the D+/D- to test the clamping diodes robustness, etc...
>
> Thus I don't think either that something "only causing a panic" deserves a CVE. It needs to be fixed however, for sure!
>
> Regards, Willy

-- Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real <meissner () suse de>