Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-0640

Опубликовано: 19 янв. 2011
Источник: redhat
CVSS2: 4.6

Описание

The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.

Отчет

The Red Hat Security Response Team has rated this issue as having no security impact. We do not plan to take any action regarding this flaw at this time. If additional information becomes available at a future date, we will revisit this issue and act accordingly.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=672513udev: Arbitrary code execution via crafted USB data, from smartphone connected to the system

4.6 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-0640

ubuntu
почти 15 лет назад

The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.

nvd логотип

CVE-2011-0640

nvd
почти 15 лет назад

The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.

msrc логотип

CVE-2011-0640

msrc
около 5 лет назад

The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB which allows user-assisted attackers to execute arbitrary programs via crafted USB data as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.

debian логотип

CVE-2011-0640

debian
почти 15 лет назад

The default configuration of udev on Linux does not warn the user befo ...

github логотип

GHSA-8vp7-gx52-wmvx

github
больше 3 лет назад

The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.

4.6 Medium

CVSS2