Language Selection

English French German Italian Portuguese Spanish

Device drivers filled with flaws

Filed under
Security

Operating system vendors and hardware makers should commit more resources toward systematically auditing Windows and Linux device-driver code for flaws, security researchers say.

While buffer overflows, a type of memory flaw that can lead to serious vulnerabilities, are quickly being eradicated in critical applications, the flaws are still easily found in device drivers, said David Maynor, a research engineer for Internet Security Systems' X-Force vulnerability analysis group.

"If you look through the device driver code, there are a lot of problems," he said in a recent interview. "The state of the code's security is not strong." During a few hours on a recent plane flight, for example, Maynor found more than a dozen glitches in several Windows XP drivers.

Windows is not the only operating system at risk. A survey of the Linux 2.6.9 kernel code performed by automated-code-checking software maker Coverity found that, while the overall quality of the code had increased significantly, more than 50 percent of flaws appeared in device drivers. Many of those flaws may not affect system security, but the ratio is generally indicative of the quality of the code, said Seth Hallem, CEO of Coverity.

"The people writing the device drivers are not generally the core programmers," he said. "It is not the operating-system implementers themselves -- the Linux programmers or Windows developers -- it is generally the vendors."

The warnings come as operating-system developers have placed security higher on their to-do lists. While the Windows and Linux operating systems have both undergone significant audits in the past several years, many device drivers -- especially those created by third-party hardware providers -- have seemingly escaped rigorous testing.

Device driver flaws can be more dangerous than other application vulnerabilities because device drivers are, in most cases, part of the kernel itself and subverting the critical software gives an attacker direct access to the kernel. Moreover, drivers that have direct memory access (DMA) -- such as USB drivers, CardBus drivers, graphics drivers and sound drivers -- could be used to overwrite system memory and exploit the system.

"Since drivers run in kernel-privilege state, if you can take them over you are in a privileged position," said Bill Weinberg, Linux evangelist for the Open Source Development Labs. "But it is not an trivial thing, you are more likely to crash the system."

"You no longer have a single computer," he said. "It is a collection of subsystems and device drivers are becoming that much more important."

Full Article.

More in Tux Machines

Games: Turok, Steam, Cities: Skylines - Parklife and Lots More

GNOME 3.30 Desktop Environment Receives Support for ARM64 Hardware Architectures

GNOME 3.29.2 has been released today as the second of four development snapshots towards the GNOME 3.30 desktop environment, due for release this fall. It comes five weeks after the first snapshot, GNOME 3.29.1, with even more improvements and new features across various components. One of the most exciting new features that landed during this development cycle is support for building the GNOME desktop environment for ARM64 (AArch64) architectures, which would allow it to run on various ARM hardware, including the upcoming Librem 5 Linux smartphone from Purism. Read more Also: GNOME 3.29.2 Released As The Second Step Towards GNOME 3.30 Looks Like GNOME's Nautilus File Manager Will Allow Running of Binaries, Scripts

More Dell Laptops With GNU/Linux

  • Welcome the new Dell Precision developer editions!
    Today I’m proud to announce the new the Linux-based Dell Precision Mobile workstation line: the 3530, 5530, 7530 and the 7730. These systems, which represent the fourth generation of the Precision developer editions, come preloaded with Ubuntu and have been RHEL certified. These new thinner, lighter, premium-built Precision mobile workstations feature the latest Intel Core and Xeon processors, blazing-fast memory and professional graphics.
  • Dell Launches New Precision Mobile Workstation Line-Up Powered by Ubuntu Linux
    Dell has launched a new Dell Precision Mobile Workstation line-up powered by the Ubuntu Linux operating system, featuting thinner and lighter designs with premium builds and using the latest technologies. Targeted mostly at developers, the new Dell Precision Mobile Workstation "Developer Edition" line-up consists of the Dell Precision 3530 Mobile Workstation, Dell Precision 5530 Mobile Workstation, Dell Precision 7530 Mobile Workstation, and Dell Precision 7730 Mobile Workstation, which come with a much lighter and thinner design, and offer a premium build.
  • Dell Unveils New Ubuntu Laptops
    Thinner, lighter and more powerful — three ways to describe the latest Ubuntu powered laptops from Dell. Everyone’s favourite Linux laptop vendor has lifted the veil on a fresh set of Linux-powered laptops. Their all-new Dell Precision Mobile Workstation ‘developer editions’ combine the latest Intel Core and Xeon processors, memory options and discrete graphics with the steady and stable Ubuntu operating system.

Elive Brings Enlightenment to the Linux Desktop

For the longest time, Enlightenment was my Linux desktop of choice. It was incredibly fast, highly configurable, and gorgeous. Since that time, I’ve migrated to desktops that veer toward being simpler, more efficient to work with… but I always consider my years with E16 and E17 with great fondness. Fortunately, at least two outstanding distributions focus on either Enlightenment E17 or a fork of E17. Bodhi Linux is a darling distribution (that I looked at previously) that uses a fork of E17, called Moksha Desktop. The developers of Bodhi have done some remarkable work with Enlightenment, but this article isn’t about Bodhi. Instead, I want to focus on a distribution that uses straight up Enlightenment E17. That distribution of Linux is Elive. Read more