Linux has a whole crock of USB vulnerabilities

SECURITY RESEARCHERS have discovered a series of vulnerabilities in the way that USB devices communicate with Linux.

Security expert and Googler Andrey Konovalov disclosed 14 vulnerabilities in a post on Monday, according to Bleeping Computer.

“All of them can be triggered with a crafted malicious USB device in case an attacker has physical access to the machine,” he explained.

It’s the tip of the iceberg. He’s actually found 79. These are just the ones that he and his colleagues have patched.

Some of them are simple DoS attacks – the sort of thing that will just make the computer freeze up or reboot. But there are others that can be made to run malicious code – which is a posh way of saying malware.

Konovalov found the vulnerabilities using a tool called syzkaller, a Google creation that uses a technique known as “fuzzing” to flag up kernel borkage.

Although flaws of this type would need access to the host system, that doesn’t mean they’re any less dangerous. An actor with the right experience and security access could bring down entire servers or even entire companies with a USB stick.

Even so-called air-gapped systems, which don’t have direct access to the normal interweb, can be attacked using these flaws. And if you’re air-gapping, there’s usually a good reason why you don’t want public access.

A good example of an air-gapped system might be a cash machine network. See? Bad times.

Although the open source community has a robust approach to creating safe environments, there are so many USB devices out there that not every one can be tested with every machine – we’re in monkey/typewriter territory in reverse – eventually, a combination will flag a vulnerability, but it’s something of a crapshoot.

Fuzzing tools like syzkaller and University of London’s POTUS are a great solution, as they can detect flaws by exploring what is possible rather than relying on a physical connection.

