Heaps of Linux kernel USB flaws found by Google Hacker

Recently, Google security researcher Andrey Konovalov uncovered a number of Linux vulnerabilities that involve a malicious USB device being connected to the target system.

Users have a general perception that Linux and macOS are far more secure than Windows. While this idea is largely true, these systems are also vulnerable to attack. Konovalov found these 14 Linux USB flaws using Syzkaller, a kernel fuzzing tool, and reported that “All of them can be triggered with a crafted malicious USB device in case an attacker has physical access to the machine.”

To attack a Linux system via a USB device, the attacker must have physical access to the machine, but there are many opportunities to trigger this attack in public places.

These flaws can be used, in particular, to exploit air-gapped systems that are not connected to the internet. Users are in the habit of picking up random, unattended USB drives and inserting them into their personal computers without so much as a second thought.

These 14 reported bugs are part of a larger list of 79 flaws found by Konovalov. Many of these bugs are still unreported and unpatched. We strongly suggest that users keep their machines safe and avoid plugging in random USB drives.

FAQ
Q
My device stopped working in 2.6.10, what can I do?
A
In the 2.6.10 kernel, the method of enumerating devices was changed to follow a similar algorithm to the one Windows uses (while the standard allows both, many devices require the Windows method). It seems some devices do not like this new method, though. If you have started having a problem with some of your devices since this kernel, you might want to use the option "old_scheme_first=y" with the usbcore module.
Q
Have the recent Linux kernel USB vulnerabilities found by Andrey Konovalov been patched?
A
You can check yourself. Choose a random CVE - I chose CVE-2017-16538. It states:
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service.
Q
What is an anonymous memory?
A
Anonymous memory is memory that is managed by segvn but is not really directly associated with a file. It's used for things like process stacks, heap, or COW (copy on write) pages. ... Typically when you mmap a file, you give it a vnode, offset and length
Q
Does Linux kernel use virtual memory?
A
Yes, the Linux kernel uses virtual memory just as user-space processes use virtual memory. That virtual memory is special in some ways—the kernel controls it, after all—but it is virtual, not physical. ... The kernel uses memory permissions so that the user process cannot read from or write to its 1GB.