The disk device just sends a packet with a specific address to the host.Surely not - the disk sends a packet to the SCSI controller, and then the SCSI controller writes into the host's memory. (Unless this is just a question of terminology)
However, as an optimization, FireWire controllers can be configured by the driver to handle certain packets from certain devices differently, by writing them to the physical memory address specified in the packet itself.I see - that is the root of this vulnerability. Clearly if devices can be plugged in externally, that optimization needs to be disabled.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds