Master issue for THARD-2

[Rafiot]

Review of the attack surface on the rPI (e.g. power analysis)

[Rafiot]

https://github.com/CIRCL/Circlean/blob/master/doc/Technical_Notes/TNO_Raspi_boot.pdf

[moshekaplan]

• Exploiting libmagic
  • Writing a malicious binary to the second USB
  • Returning a fake MIMEtype

[Rafiot]

I didn't see any recent vulnerability in libmagic allowing command execution. Do you have references?

Fake MIMEtype is assumed, we use it for information and cross check with the extension of the file (see polyglot files).

[moshekaplan]

Unfortunately, this is the only reference I could find : https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2014-1606 , but it only has DoS and no code execution.