Explore the vulnerabilities in USB device drivers through this Black Hat conference talk. Delve into the development of the vUSBf framework, a virtual USB fuzzer based on KVM and QEMU's USB redirection protocol. Learn how this innovative tool enables the execution of up to 150 tests per second on a single Intel system, significantly accelerating the bug detection process. Discover the types of bugs uncovered in Enterprise Linux kernels and current Linux kernels, including null-pointer dereferences, kernel panics, and segfaults. Gain insights into the framework's architecture, its ability to define millions of test cases using XML configuration, and its potential for scaling through a built-in cluster protocol. Understand the implications of these findings for USB security and the importance of systematic analysis in identifying vulnerabilities in hardware-specific drivers.
How to Find Bugs in USB Device Drivers
Overview
Syllabus
Intro
Why USB
History of USB
Impact of USB
Black Hat Las Vegas
Linux
Virtualisation
Architecture
Fuzzing
Export Sequences
Are we faster
Faster fuzzing
Demo
Archive
Results
Outro
Taught by
Black Hat