Date: Tue, 23 Aug 2016 08:21:25 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security <oss-security@...ts.openwall.com>
Cc: Marcus Meissner <meissner@...e.de>, Adam Maris <amaris@...hat.com>, Greg KH <greg@...ah.com>, CVE ID Requests <cve-assign@...re.org>, security@...nel.org
Subject: Re: Re: CVE Request: Linux kernel crash of OHCI when plugging in malicious USB devices

On Mon, Aug 22, 2016 at 11:38 PM, Willy Tarreau <w@....eu> wrote:
>
> I'd classify it differently: something where a bug allows someone
> unauthorized to do something he couldn't do differently needs a CVE.
> That includes memory corruption, code execution, privilege increases,
> local DoS/panic/oops by just executing an exploit, etc. Here we're
> speaking about someone plugging some hardware into an open port which
> immediately takes the whole system down. Sure, the faulty code makes
> this possible. But the hardware is purposely designed for this. I can
> also design some hardware which takes the system down and possibly even
> fries it without involving the code at all. So once this device is
> built, if we assign a CVE, nobody will fix it and it will not even
> apply to any specific OS. Oh, after just one Google request I found
> that I was not the first one to think about it, it already exists:
>
> http://arstechnica.com/security/2015/10/usb-killer-flash-drive-can-fry-your-computers-innards-in-seconds/
>

Ah, but defending against this sort of physical attack is actually quite
easy: use a USB hub, or for higher assurance use a wireless USB hub.

TBH I'm not sure what the difference is between, say, the above USB
killer and a small taser or a small squirt bottle of saline solution.

In general I should be able to plug USB devices into a computer without
the computer succumbing to software-based attacks (Stuxnet anyone?).

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert@...hat.com