0N
Size: a a a
0N
Н
Н
Н
Н
AS
0N
0N
USB 3.1 missing bits… in DMA
Sunday, November 18, 2018
All 13 exploits are exploitable remotely over the network, with zero privileges,
meaning no admin access necessary, as reported by NIST.GOV & cvedetails.com
https://nvd.nist.gov/vuln/detail/CVE-2018-8936
https://nvd.nist.gov/vuln/detail/CVE-2018-8935
https://nvd.nist.gov/vuln/detail/CVE-2018-8934
https://nvd.nist.gov/vuln/detail/CVE-2018-8933
https://nvd.nist.gov/vuln/detail/CVE-2018-8932
https://nvd.nist.gov/vuln/detail/CVE-2018-8931
https://nvd.nist.gov/vuln/detail/CVE-2018-8930
The latest ASmedia USB 3.0 firmware is at the bottom of this page here: https://bit.ly/2QQTKtJ
Paper
https://safefirmware.com/amdflaws_whitepaper.pdf
Github code:
https://github.com/HackingThings/BytesInDisguise/tree/5d3023c914c24f119209185f52542a845ece9464/Code/CMOS_RW
https://github.com/smx-smx/ASMTool
https://github.com/cyrozap/asmedia-xhc-re
https://github.com/mietelski-robert/ASMediaStream
2021 Linux fixing in progress.
https://lore.kernel.org/patchwork/patch/1382861/