oss-sec mailing list archives
RE: [security-vendor] Re: [oss-security] Re: CVE Request: Linux kernel crash of OHCI when plugging in malicious USB devices
From: "Radzykewycz, T (Radzy)" <radzy () windriver com>
Date: Tue, 23 Aug 2016 15:01:07 +0000
________________________________________
From: Kurt Seifried [kseifried () redhat com]
Sent: Tuesday, August 23, 2016 7:21 AM
To: oss-security
Cc: Marcus Meissner; Adam Maris; Greg KH; CVE ID Requests; security () kernel org
Subject: [security-vendor] Re: [oss-security] Re: CVE Request: Linux kernel crash of OHCI when plugging in malicious USB devices

On Mon, Aug 22, 2016 at 11:38 PM, Willy Tarreau <w () 1wt eu> wrote:

I'd classify it differently : something where a bug allows someone unauthorized to do something he couldn't do differently needs a CVE. That includes memory corruption, code execution, privilege increases, local DoS/panic/oops by just executing an exploit, etc. Here we're speaking about someone plugging some hardware into an open port which immediately takes the whole system down. Sure, the faulty code makes this possible. But the hardware is purposely designed for this. I can also design some hardware which takes the system down and possibly even fries it without involving the code at all. So once this device is built, if we assign a CVE, nobody will fix it and it will not even apply to any specific OS. Oh, after just one Google request I found that I was not the first one to think about it, it already exists : http://arstechnica.com/security/2015/10/usb-killer-flash-drive-can-fry-your-computers-innards-in-seconds/

Ah but defending against this sort of physical attack is actually quite easy, use a USB hub, or for higher assurance use a wireless USB hub.

TBH I'm not sure what the difference is between say the above USB killer and a small taser or a small squirt bottle of saline solution.

If an attacker drops a bottle of saline solution on the floor outside the target's office, it's unlikely to be plugged in to the USB port.

Enjoy!

-- radzy

In general I should be able to plug USB devices into a computer without the computer succumbing to software based attacks (stuxnet anyone?).

-- Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert () redhat com