Linux kernel USB drivers have vulnerabilities

USB flash drive bugs

The Linux kernel is not invulnerable as some believe. Although GNU / Linux is a fairly secure operating system, that does not mean that it is 100% secure and that it is free of bugs and vulnerabilities. And now the news has broken out about numerous vulnerabilities that lie in USB device drivers that integrates the Linux kernel. Honestly at present I do not know the name of the person in charge of these controllers, but not long ago Sarah Sharp from Intel was, a company that I suppose will be largely responsible for this ...

Those who have sounded the alarm have been Google security researchers, who have informed the community of 14 vulnerabilities within USB controllers so that they can be fixed immediately. These vulnerabilities can be exploited to attack the system and take control of the vulnerable system. These 14 are added to the 79 vulnerabilities found in the last month in USB drivers. The problems in this intel technology It has been in the news for some time, since the University of London has already created a tool called POTUS to search for vulnerabilities in the Linux kernel USB drivers, and thanks to it and other subsequent investigations, several of these security holes have been found, some of them present since 2003 and going unnoticed by many, although now they have become patents.

However, it is not something too alarming, and users should rest easy, as some of these vulnerabilities can be exploited only if the attacker has physical access to the vulnerable machine and not remotely, in addition to knowing that there will be patches for their solution soon. So we will continue to report on this problem ... And if you want more information, you can follow the trail of these vulnerabilities of the USB drivers from this link.


Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.