Date: Sat, 7 Jan 2012 18:01:46 -0500 From: Xi Wang <xi.wang@...il.com> To: oss-security@...ts.openwall.com Subject: Malicious devices & vulnerabilties Hi, In general driver code trusts hardware devices and often doesn't validate the data they respond with. But how about USB devices that an attacker could plug into a victim's computer? For example, an attacker may craft a USB device with a long product name to cause a buffer overflow (CVE-2011-0712). http://www.openwall.com/lists/oss-security/2011/02/16/5 http://twitter.com/#!/mwrlabs/status/44814759396249600 Here is another possible bug in the USB audio format parser I tried to report upstream. https://lkml.org/lkml/2012/1/4/215 I am wondering where to draw the line. Should such device drivers be considered vulnerable or not? Thanks. - xi
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ