In the USB stack of the Linux kernel there are a number of serious vulnerabilities that malicious users can exploit to execute arbitrary code and gain control over a user's device.
Most of the vulnerabilities were found by Google security researcher Andrey Konovalov, who notified the Linux community about 14 vulnerabilities in the USB subsystem of the Linux kernel. According to Konovalov, each of them can be exploited by a local attacker using a specially crafted malicious USB device.
In total, the researcher found 79 USB-related problems in Linux. Most of them lead to denial of service (DoS), causing the OS to hang or reboot, but some allow an attacker to elevate privileges on the target system and execute malicious code. All of the problems were found with syzkaller, the fuzzing tool developed by Google to search for vulnerabilities.
Earlier this year, security researchers from the University of London introduced POTUS, a tool for finding problems in the Linux USB stack. The tool works by setting up a virtual machine with a universal USB device and testing the stack with methods such as fault injection, fuzzing and symbolic execution. Using POTUS, the researchers found two vulnerabilities in the Linux kernel. The first, CVE-2016-5400, was a memory leak in the USB device driver used to communicate with AirSpy Software Defined Radio (SDR) hardware. The second (which did not receive a CVE identifier) had existed in the Lego USB Tower driver in the Linux kernel since 2003.
Fuzzing is a software testing technique, often automated or semi-automated, in which incorrect, unexpected or random data is fed to the application.
Fault injection is a software testing method in which various types of faults are artificially introduced in order to test fault tolerance and, in particular, exception handling.
Symbolic execution is a technique for simulating the execution of a program in which some of the input variables are represented in symbolic form.
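To make the fuzzing definition concrete, here is a small added example of a mutation-based fuzz harness in C. It is not code from the article, from syzkaller or from POTUS: the descriptor format (a `[bLength][bDescriptorType][payload]` header, loosely modelled on a USB descriptor header), the `parse_descriptors` function, the xorshift mutator and the seed input are all constructed for this example. The harness mutates a well-formed seed, feeds each variant to the parser and counts how many inputs are accepted or rejected; the parser is written so that every read is checked against the buffer length, which is exactly the property a sanitizer build of such a harness would catch a parser violating.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed toy format for this example (not a real USB device class):
 * each descriptor is [bLength][bDescriptorType][bLength-2 bytes of payload]. */
#define MAX_DESCS 16

struct desc {
    uint8_t length;
    uint8_t type;
    const uint8_t *payload;
};

/* Parse consecutive descriptors out of buf. Returns the number parsed,
 * or -1 if the buffer is malformed. Every access is bounds-checked against
 * len, so a claimed bLength can never make the parser read past the input. */
int parse_descriptors(const uint8_t *buf, size_t len,
                      struct desc *out, size_t max_out)
{
    size_t off = 0;
    int n = 0;
    while (off < len) {
        if (len - off < 2)                 /* truncated header */
            return -1;
        uint8_t blen = buf[off];
        if (blen < 2 || blen > len - off)  /* claims more bytes than present */
            return -1;
        if ((size_t)n >= max_out)          /* more descriptors than we store */
            return -1;
        out[n].length  = blen;
        out[n].type    = buf[off + 1];
        out[n].payload = buf + off + 2;
        n++;
        off += blen;
    }
    return n;
}

/* Deterministic xorshift32 PRNG so a fuzz run is reproducible from its seed. */
static uint32_t rng_state = 1u;
static uint32_t rng_next(void)
{
    uint32_t x = rng_state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return rng_state = x;
}

/* Mutator: copy the seed, sometimes truncate it, then overwrite `flips`
 * random bytes. Truncation deliberately exercises bLength-vs-buffer mismatches. */
static size_t mutate(const uint8_t *seed, size_t seed_len,
                     uint8_t *dst, size_t cap, int flips)
{
    size_t len = seed_len < cap ? seed_len : cap;
    memcpy(dst, seed, len);
    if (len > 0 && rng_next() % 4 == 0)
        len = rng_next() % len + 1;
    for (int i = 0; i < flips && len > 0; i++)
        dst[rng_next() % len] = (uint8_t)rng_next();
    return len;
}

struct fuzz_stats { int accepted; int rejected; };

/* Fuzz loop: run `iters` mutated inputs through the parser. The oracle here
 * is only the parser's result code; in a real harness an ASan/KASAN build
 * would abort on any out-of-bounds read, which is the bug class of interest. */
struct fuzz_stats fuzz_parser(int iters, uint32_t seed_value)
{
    /* Constructed well-formed seed: one 4-byte and one 3-byte descriptor. */
    static const uint8_t seed[] = { 4, 0x01, 0xAA, 0xBB, 3, 0x02, 0xCC };
    uint8_t buf[64];
    struct desc out[MAX_DESCS];
    struct fuzz_stats st = { 0, 0 };

    rng_state = seed_value ? seed_value : 1u;
    for (int i = 0; i < iters; i++) {
        size_t len = mutate(seed, sizeof seed, buf, sizeof buf, 2);
        if (parse_descriptors(buf, len, out, MAX_DESCS) >= 0)
            st.accepted++;
        else
            st.rejected++;
    }
    return st;
}

int main(void)
{
    struct fuzz_stats st = fuzz_parser(10000, 42);
    printf("accepted=%d rejected=%d\n", st.accepted, st.rejected);
    return 0;
}
```

Compile with `-fsanitize=address` to turn the harness into a real detector: remove one of the bounds checks in `parse_descriptors` and the sanitizer reports the resulting out-of-bounds read on the first mutated input that triggers it, which is the same principle syzkaller applies to the kernel's USB stack on a much larger scale.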