Sure, but if the attacker has physical access to the machine, I don't see many scenarios in which launching a USB denial of service attack would be the most effective thing to do.
Perhaps if the goal was to sabotage a presentation or some 007 style attack...
In any event, I didn't mean to say that the vulnerability is not worth fixing. It definitely is. It just seems like a relatively benign issue compared to the daily barrage of hair raising security flaws.
> I don't see many scenarios in which launching a USB denial of service attack would be the most effective thing to do.
High security servers that don't have typical interfaces are super common in government facilities. Sometimes they'll shove glue into the USB and sometimes the USB is the only method of accessing the system.
As 'staticassertion replied above, causing a kernel crash due to memory mismanagement is usually a sign that with some extra work you could cause execution of arbitrary code in the kernel instead.
Perhaps if the goal was to sabotage a presentation or some 007 style attack...
In any event, I didn't mean to say that the vulnerability is not worth fixing. It definitely is. It just seems like a relatively benign issue compared to the daily barrage of hair raising security flaws.