Linux HID Code enables Memory-Overwrite via USB?

There seem to be some serious issues with the current implementation of the HID code in some Linux distributions (see this: “Linux HID security flaws”). What this imho means is: if you use Debian (Wheezy) or Red Hat (Fedora 19, Enterprise Linux 6) in environments where the USB port is accessible to unauthorized persons, you are at risk.

Exploitation of this vulnerability seem to be so quick and easy for a prepared attacker, that I think you should be aware of that risk – a “Teensy USB Development Board” might be enough to compromise a vulnerable system within seconds.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Sylvio's Infobox

Aktuelle Themen rund um SQL Server, BI, Windows, ...

Meredith Lewis

Professional Digital Portfolio

Vittorio Bertocci

Just another weblog

ScottGu's Blog

Just another weblog

AJ's blog

Thoughts and informations I think worthwhile to share...

Outlawtrail - .NET Development

Architecture & Design

SDX eXperts Flurfunk

Just another weblog

%d bloggers like this: