Heaps of Linux kernel USB flaws found by Google Hacker
Recently, a Google security researcher, Andrey Konovalov uncovered a number of Linux vulnerabilities associated with the malicious USB device in the target system.
Users have this general perception that Linux and MacOS are far more secured than Windows. While this idea is largely true, these systems are also vulnerable to suspicious attacks. Konovalov found these 14 Linux USB flaws using Syzkaller, a kernel fuzzing toolwhich reported that “ All of them can be triggered with a crafted malicious USB device in case an attacker has physical access to the machine.”
But to attack a Linux system via the USB device, the attacker must have a physical access to the machine but there are many chances of triggering this attack in public places.
These flaws can be used to particularly exploit air-gapped systems that are not connected to the internet. Users are in habit of picking up random and unattended USB drives and inserting them in our personal computer without so much as a second thought.
These 14 reported bugs are part of a larger list of 79 flaws that are found by Konovalov. Many of these bugs are still unreported and unpatched. We strongly suggest the users to keep their respective machines safe and avoid plugging in random USB drives.
Comments ( 0 )
No comments available