Linux HID Code enables Memory-Overwrite via USB?

There seem to be some serious issues with the current implementation of the HID code in some Linux distributions (see this: “Linux HID security flaws”). What this imho means is: if you use Debian (Wheezy) or Red Hat (Fedora 19, Enterprise Linux 6) in environments where the USB port is accessible to unauthorized persons, you are at risk.

Exploitation of this vulnerability seem to be so quick and easy for a prepared attacker, that I think you should be aware of that risk – a “Teensy USB Development Board” might be enough to compromise a vulnerable system within seconds.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Sylvio's Infobox

Aktuelle Themen rund um SQL Server, BI, Windows, ...

Meredith Lewis

Professional Digital Portfolio

Vittorio Bertocci

Just another WordPress.com weblog

ScottGu's Blog

Just another WordPress.com weblog

AJ's blog

Thoughts and informations I think worthwhile to share...

Outlawtrail - .NET Development

Architecture & Design

SDX eXperts Flurfunk

Just another WordPress.com weblog

%d bloggers like this: