FreeBSD Security Advisory FreeBSD-SA-19:23.midi
Ian Lepore
ian at freebsd.org
Tue Aug 20 22:01:45 UTC 2019
On Wed, 2019-08-21 at 04:55 +0700, Eugene Grosbein wrote:
> 21.08.2019 3:12, FreeBSD Security Advisories wrote:
>
> [skip]
>
> > IV. Workaround
> >
> > No workaround is available. Custom kernels without "device sound"
> > are not vulnerable.
>
> Is it true that there is no way to disable vulnerable and unneeded
> device driver
> built in GENERIC other that through rebuilding the kernel?
>
> I remember that pre-4.x versions of FreeBSD had visual VGA-based pre-
> boot configurator
> allowing to disable any compiled-in device driver. Don't
> device.hints(5) or loader(8) have means to do so?
>
> These days GENERIC have LOTS of drivers and it's convenient but
> unsafe.
>
"No workaround" just seems to be wrong. Aside from setting the
disabled hint to turn off the driver (or using devctl to turn it off on
a live system), the exploit also requires opening /dev/midistat, so a
viable workaround is to change its permissions so that users can't open
it.
-- Ian
More information about the freebsd-hackers
mailing list