On Tue, Nov 7, 2017 at 11:08 PM, Dale <rdalek1...@gmail.com> wrote:
> Howdy,
>
> I ran up on this link. Is there any truth to it and should any of us
> Gentooers be worried about it?
>
> http://www.theregister.co.uk/2017/11/07/linux_usb_security_bugs/
>
> Isn't Linux supposed to be more secure than this??
>

In theory. There was no comment on the existence of such bugs in the Windows driver stack, but they likely exist. However, note:

"The impact is quite limited, all the bugs require physical access to trigger," said Konovalov. "Most of them are denial-of-service, except for a few that might be potentially exploitable to execute code in the kernel."

Which is typically what one should expect from bugs discovered by fuzzing. These are issues which should be fixed, but keep in mind that there has been (and still is) lots of kernel development that focuses on isolating the kernel from itself. The reporting of these bugs will likely be used to make those mechanisms even better.

To compare, here is an "exploit" discovered in a monitor: https://github.com/RedBalloonShenanigans/MonitorDarkly. The prerequisites include having debug access to the monitor's controller. Personally I am surprised this was presented at DefCon as it does not really seem appropriate. At least the articles covering the code should be reworded - it's exploiting the monitor almost the same way you can exploit a car by driving it.

More and more security releases are starting to look like the above, as the researchers and authors clamor for notability, which is increasingly hard to find. I think the article you found strikes a middle ground - the exploits are relevant in practice, but take a lot of work to use.

Cheers,
R0b0t1