Fellow Linux admins-

The time has come. USB tethering will soon stop working for us. RNDIS (Remote Network Driver Interface Specification) was developed by Microsoft for networking over USB. However, it has significant security flaws, mainly due to its outdated design that doesn't meet contemporary security standards.

These vulnerabilities are particularly concerning in environments where untrusted devices might connect, making RNDIS a potential security risk for modern Linux-based systems. What RNDIS alternatives are available? 

You'll also learn about speculative execution vulnerabilities and a significant USB bug identified in the Linux kernel and fixed in Linux 6.13-rc4.

If you found value in today’s newsletter, please share it with your friends! Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our love for Linux and security!

Stay safe out there,

Dv Signature Newsletter 2024 Esm W150

Dave Wreski

LinuxSecurity Founder

Linux Kernel

The Discovery 

Microsoft developed RNDIS (Remote Network Driver Interface Specification) for networking over USB, but it has significant security flaws, mainly due to its outdated design, which doesn't meet contemporary security standards.

Linux Esm W400

The Impact

These vulnerabilities are particularly problematic when RNDIS is used in environments where untrusted devices might connect. 

The Fix

Greg Kroah-Hartman, a key figure in the Linux kernel development community, has updated the "rndis-removal" branch within the USB.git repository with recent patches. We strongly recommend admins apply these updates and consider switching to safer alternatives to RNDIS.

Your Related Advisories:

[distro_list_1]

Linux Kernel

The Discovery 

Speculative execution vulnerabilities and a significant USB bug have been identified in the Linux kernel and fixed in Linux 6.13-rc4.

LinuxKernel Esm W206

The Impact

These flaws can allow unauthorized access to sensitive data across virtual machines.

The Fix

Linux 6.13-rc4 has been released to fix these problematic bugs and improve system reliability and container start-up time. Admins should update to Linux 6.13-rc4 immediately for improved security and performance!

Your Related Advisories:

[distro_list_2]