Conversation

Andrey Konovalov

@andreyknvl

·

Feb 21, 2016

CVE-2016-2384: arbitrary code execution due to a double-free in the usb-midi linux kernel driver

xairy.github.io

CVE-2016-2384: Exploiting a double-free in the USB-MIDI Linux kernel driver

× The content has been moved to https://xairy.io/articles/cve-2016-2384

1

84

80

Cedric Halbronn

@saidelike

·

Feb 22, 2016

Replying to

@andreyknvl

@andreyknvl

very good work and blogpost. Very entertaining to read!

1

1

Cedric Halbronn

@saidelike

·

Feb 23, 2016

Replying to

@saidelike

@andreyknvl

BTW any idea if the USB device could be emulated instead of using a hardware device?

1

Andrey Konovalov

@andreyknvl

Replying to

@saidelike

@saidelike

You mean emulated from the userspace on a target machine? I don't think so. Unless you implement a kernel module that does that.

12:31 PM · Feb 23, 2016·Twitter Web Client

Andrey Konovalov

@andreyknvl

·

Feb 23, 2016

Replying to

@andreyknvl

@saidelike

It might be possible to use a remote usb device (via usbip e.g.). Check out the talk by Andy Davis:

youtube.com

USB Attacks Need Physical Access Right? Not Any More… by Andy Davis

1

1

Cedric Halbronn

@saidelike

·

Feb 23, 2016

Replying to

@andreyknvl

@andreyknvl

ya this is what I meant. Thanks for the info :)