[ad#Google Adsense-1]
A bug in the Caiaq USB driver, which could be used to execute arbitrary at the kernel level has been reported by Rafael Dominguez Vega of MRW InfoSecurity.
The device drivers are vulnerable to buffer overflow condition when an USB device with an unusually long name (over 80 characters) is connected to the machine. This is due to the use of strcpy() which length is not being tested, enabling the attacker to execute malicious code on the target machine.
In order to exploit the vulnerability the attacker would have to have physical access to the target machine. It does not matter how secure a computer is, as long as any human has physical access to it he or she can be manipulated with social engineering techniques such as mailing the victim a maliciously crafted USB chip along a note stating that it contains pictures of him or his family.
Having an encrypted harddrive would not help in such situations as when the user has logged on the machine as the kernel has access to the filesystem.
Fortunately a fix has been released and should hit your distribution repos soon.
[ad#Google Adsense-1]
Yeah, as is everything with physical access and a USB device.
You can just go to GRUB and go in as toot. Or boot a USB and change the root password.
You can do the same in windoze using chntpw. Or another system, just as easily. Oh, woe. How very terrible.
Don’t forget you can just blacklist that particular driver and if you don’t use that hardware problem solved. No updates required to fix for most likely 90 percent of users out there. Not like its a core driver.
If it’s an untrusted usb device, just boot a livecd or check it out in a VM.