CVE-2011-0640

Name of the Vulnerable Software and Affected Versions udev (affected versions not specified)

Description The default configuration of udev on Linux does not provide a warning before enabling additional Human Interface Device (HID) functionality over USB. This allows attackers to execute arbitrary programs via crafted USB data, such as keyboard and mouse data sent by malware on a connected smartphone.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.