Date: Tue, 23 Aug 2016 08:21:25 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security <oss-security@...ts.openwall.com>
Cc: Marcus Meissner <meissner@...e.de>, Adam Maris <amaris@...hat.com>, Greg KH <greg@...ah.com>, CVE ID Requests <cve-assign@...re.org>, security@...nel.org
Subject: Re: Re: CVE Request: Linux kernel crash of OHCI when plugging in malicious USB devices

On Mon, Aug 22, 2016 at 11:38 PM, Willy Tarreau <w@....eu> wrote:
>
> I'd classify it differently: something where a bug allows someone
> unauthorized to do something he couldn't do differently needs a CVE.
> That includes memory corruption, code execution, privilege increases,
> local DoS/panic/oops by just executing an exploit, etc. Here we're
> speaking about someone plugging some hardware into an open port which
> immediately takes the whole system down. Sure, the faulty code makes
> this possible. But the hardware is purposely designed for this. I can
> also design some hardware which takes the system down and possibly even
> fries it without involving the code at all. So once this device is
> built, if we assign a CVE, nobody will fix it and it will not even
> apply to any specific OS. Oh, after just one Google request I found
> that I was not the first one to think about it, it already exists:
>
> http://arstechnica.com/security/2015/10/usb-killer-flash-drive-can-fry-your-computers-innards-in-seconds/
>

Ah but defending against this sort of physical attack is actually quite easy, use a USB hub, or for higher assurance use a wireless USB hub. TBH I'm not sure what the difference is between say the above USB killer and a small taser or a small squirt bottle of saline solution. In general I should be able to plug USB devices into a computer without the computer succumbing to software-based attacks (stuxnet anyone?).

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert@...hat.com