Question regarding BadUSB / #LinuxKernel: I was reading this* vulnerability report from last year (CVE-2024-38394) that mentions that the kernel identifies some USB devices purely based on vendor:product disregarding the class, are there any HID drivers that are used in this way? My concern would be for instance a device that identifies itself with, for example, class code 02h but behaves as 03h to bypass some usbguard rules
https://pulsesecurity.co.nz/advisories/usbguard-bypass
[#]infosec #linux
=> More informations about this toot | More toots from trobador@mastodon.social
text/geminiThis content has been proxied by September (3851b).