CVE-2011-0640

Priority
Low
Description
The default configuration of udev on Linux does not warn the user before
enabling additional Human Interface Device (HID) functionality over USB,
which allows user-assisted attackers to execute arbitrary programs via
crafted USB data, as demonstrated by keyboard and mouse data sent by
malware on a smartphone that the user connected to the computer.
References
Package
Source: udev (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 12.04 ESM (Precise Pangolin):needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
More Information

Updated: 2017-10-23 12:15:16 UTC (commit 13562)