Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> writes: > The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on > any system that uses it with untrusted hosts or devices. Because the > protocol is impossible to make secure, just disable all rndis drivers to > prevent anyone from using them again. > > Windows only needed this for XP and newer systems, Windows systems older > than that can use the normal USB class protocols instead, which do not > have these problems. > > Android has had this disabled for many years so there should not be any > real systems that still need this. > > Cc: "David S. Miller" <davem@xxxxxxxxxxxxx> > Cc: Eric Dumazet <edumazet@xxxxxxxxxx> > Cc: Jakub Kicinski <kuba@xxxxxxxxxx> > Cc: Paolo Abeni <pabeni@xxxxxxxxxx> > Cc: Kalle Valo <kvalo@xxxxxxxxxx> > Cc: Oleksij Rempel <linux@xxxxxxxxxxxxxxxx> > Cc: "Maciej Żenczykowski" <maze@xxxxxxxxxx> > Cc: Neil Armstrong <neil.armstrong@xxxxxxxxxx> > Cc: Mauro Carvalho Chehab <mchehab@xxxxxxxxxx> > Cc: Andrzej Pietrasiewicz <andrzejtp2010@xxxxxxxxx> > Cc: Jacopo Mondi <jacopo@xxxxxxxxxx> > Cc: "Łukasz Stelmach" <l.stelmach@xxxxxxxxxxx> > Cc: Laurent Pinchart <laurent.pinchart@xxxxxxxxxxxxxxxx> > Cc: linux-usb@xxxxxxxxxxxxxxx > Cc: netdev@xxxxxxxxxxxxxxx > Cc: linux-kernel@xxxxxxxxxxxxxxx > Cc: linux-wireless@xxxxxxxxxxxxxxx > Reported-by: Ilja Van Sprundel <ivansprundel@xxxxxxxxxxxx> > Reported-by: Joseph Tartaro <joseph.tartaro@xxxxxxxxxxxx> > Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> > --- > Note, I'll submit patches removing the individual drivers for later, but > that is more complex as unwinding the interaction between the CDC > networking and RNDIS drivers is tricky. For now, let's just disable all > of this code as it is not secure. > > I can take this through the USB tree if the networking maintainers have > no objection. I thought I had done this months ago, when the last round > of "there are bugs in the protocol!" reports happened at the end of > 2021, but forgot to do so, my fault. > > drivers/net/usb/Kconfig | 1 + > drivers/net/wireless/Kconfig | 1 + For wireless: Acked-by: Kalle Valo <kvalo@xxxxxxxxxx> Feel free to take this via your tree. -- https://patchwork.kernel.org/project/linux-wireless/list/ https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
