Security Flaw in NetUSB Puts “Millions” of Routers at Risk
As companies continue to beat the Internet of Things drum, promoting a world when every device is smart, and anything electronic is network connected, we have some news that shows just what a horrible idea this really is. A security firm has found that a Linux kernel driver called NetUSB contains an amateurish error that can be exploited by hackers to remotely compromise any device running the driver. The driver is commonly found in home routers, and while some offer the ability to disable it, others do not appear to do so.
NetUSB is developed by Taiwanese company KCodes. The purpose of the driver is to allow PCs and Macs to connect to USB devices over a network, so that these devices can be shared just by plugging them into a Wi-Fi router or similar. To do this, a driver is needed at each end; a client driver on the PC or Mac, and a server driver on the router itself.
This router-side driver listens to connections on TCP port 20005, and it’s this driver that contains a major security flaw. SEC Consult Vulnerability Lab, which publicized the problem, discovered that the Linux driver contains a simple buffer overflow. As part of the communication between client and server, the client sends the name of the client computer; if this name is longer than 64 bytes, the buffer overflows. The company says that this overflow can be exploited to enable both denial of service (crashing the router) and remote code execution.