mailing list archives
Malicious devices & vulnerabilties
From: Xi Wang <xi.wang () gmail com>
Date: Sat, 7 Jan 2012 18:01:46 -0500
In general driver code trusts hardware devices and often doesn't
validate the data they respond with. But how about USB devices
that an attacker could plug into a victim's computer? For example,
an attacker may craft a USB device with a long product name to cause
a buffer overflow (CVE-2011-0712).
Here is another possible bug in the USB audio format parser I tried
to report upstream.
I am wondering where to draw the line. Should such device drivers
be considered vulnerable or not? Thanks.