FreeBSD Security Advisory FreeBSD-SA-12:08.linux
Bryan Drewery
bryan-lists at shatow.net
Fri Nov 23 00:40:48 UTC 2012
On 11/22/2012 6:30 PM, Bryan Drewery wrote:
> On 11/22/2012 6:02 PM, FreeBSD Security Advisories wrote:
>> IV. Workaround
>>
>> No workaround is available, but systems not using the Linux binary
>> compatibility layer are not vulnerable.
>>
>> The following command can be used to test if the Linux binary
>> compatibility layer is loaded:
>>
>> # kldstat -m linuxelf
>
> Is it sufficient to kldunload linux?
>
> Bryan
Assuming it is enough to unload[/recompile/reload], here's a tip if it
refuses to unload (in use), assuming no securelevel:
> # kldunload linux
> kldunload: can't unload file: Device busy
> # procstat -ka|grep linux
> 40338 100221 bot - mi_switch sleepq_switch sleepq_catch_signals sleepq_timedwait_sig _cv_timedwait_sig kern_select linux_select syscall Xint0x80_syscall
> # kill 40338
> # kldunload linux
> # kldstat -m linuxelf
> kldstat: can't find module linuxelf: No such file or directory
--
Regards,
Bryan Drewery
bdrewery at freenode/EFNet
More information about the freebsd-security
mailing list