Slashdot Mirror


Linux Has a USB Driver Security Problem (bleepingcomputer.com)

Catalin Cimpanu, reporting for BleepingComputer: USB drivers included in the Linux kernel are rife with security flaws that in some cases can be exploited to run untrusted code and take over users' computers. The vast majority of these vulnerabilities came to light on Monday, when Google security expert Andrey Konovalov informed the Linux community of 14 vulnerabilities he found in the Linux kernel USB subsystem. "All of them can be triggered with a crafted malicious USB device in case an attacker has physical access to the machine," Konovalov said. The 14 flaws are actually part of a larger list of 79 flaws Konovalov found in Linux kernel USB drivers during the past months. Not all of these 79 vulnerabilities have been reported, let alone patched. Most are simple DoS (Denial of Service) bugs that freeze or restart the OS, but some allow attackers to elevate privileges and execute malicious code.

3 of 156 comments

  1. an attacker has physical access to the machine by Anonymous Coward · Score: 4, Informative

    you're already pwned

  2. Re:Physical access by phantomfive · Score: 2, Informative

    USB has a problem. Even if the kernel is 100% secure, you can use the USB standard to hack devices. This is why secure environments put glue in their USB ports.

    --
    "First they came for the slanderers and i said nothing."
  3. Seems like a good thing! by DarkOx · Score: 3, Informative

    Servers in locked data centers - safe
    PCs in locked offices / homes - safe
    Laptops - safe if you shut it down and have a BIOS password to enable boot, probably safe with encrypted root fs, provided the machine is shut down to begin with.
    Laptop in your own hands - safe

    Now all those consumer devices that the manufacturer won't let you have access to, ROOTED!

    This is a win.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html