os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add a workaround for the midi issue.

Browse source 
Reviewed by:	so
This commit is contained in:
Gordon Tetlow 2019-08-22 00:56:21 +00:00
parent bfad1841bb
commit 2eabd05d90
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=53316
1 changed files with 25 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
share/security/advisories/FreeBSD-SA-19:23.midi.asc
View file

@ -23,6 +23,11 @@ For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>. following sections, please visit <URL:https://security.FreeBSD.org/>.
0. Revision history
v1.0 2019-08-20 Initial release.
v1.1 2019-08-21 Updated workaround.
I. Background I. Background
/dev/midistat is a device file which can be read to obtain a /dev/midistat is a device file which can be read to obtain a
@ -47,8 +52,13 @@ fault in kernel mode, leading to a panic.
IV. Workaround IV. Workaround
No workaround is available. Custom kernels without "device sound" Restrict permissions on /dev/midistat by adding an entry to
are not vulnerable. /etc/devfs.conf and restarting the service:
# echo "perm midistat 0600" >> /etc/devfs.conf
# service devfs restart
Custom kernels without "device sound" are not vulnerable.
V. Solution V. Solution
@ -120,19 +130,19 @@ The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc> <URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc>
-----BEGIN PGP SIGNATURE----- -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl1cPgVfFIAAAAAALgAo iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl1d58xfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
5cItmQ/9HL5BIP/QUvfcBbhZmZAXa7O7V9Em4auumaUWEPnUaAR0vNKZqMvFXNeN 5cJ3pw//fbHMCysvmMh+2RZ47d4i9d61cdYEq51VUwT2Cp2pGz+mWAoac89c4k2v
v51/HOwCZte2fCgs8rxSH9ncQR+cUk/3nXO7PZ7pNPNfvuJoPlCV1rIuRrdwm14+ coo+nuvsXfgNGjr6SHGjLw0kCjeJPdPBDstHLnrzqbmuUFeS8rbRS9AGySy8cW7Z
+pZIJpY65gmmXyh5Qa5cw41MEWuDcKluUg38zEROwBpX4h0J/ZuMSARn/s1jj/kJ qYh8OuBPqczWRM2STtyIA1nuxrKBxpEKsWdCO41lTue/D6+1rPjFkRtzK5G/yNcJ
hy2yzgPTz8gAzkNd8OtQm1CHdFnKWabuAHBlltj9qIA3OvJL+TpIFmzU5jA7wO1n 2gQjy8DKwX2RdUmjrWXoQbGheCKUz+euhkUOFHjiJYAdLAK4Bq+Dn/Nq36c6Dej0
w9GCcz73+IA1RZXu8vPsW9AEc/1LlUrNcyLmJ+bZjW9b7mY9dq+ackvULTzFV21u wzYkeDwL+c/XxVPk1iucMJfDd+xrOi6HY4BLh4EFkJBKmQa6ciqa1B37ibARMtVb
5xW2FEX3EBr3kFSbWyIS9zuTX4InftoAr97CBxNMYa25/0En4Ri2rB3oH49BgqTb QbGcjgoUQ1wJLxJEpD0JN5/Rbxg3KOq+8wH5if2pqW8Q9Ir89GNpbq2DjNVpBq28
sr6p5hO3ZB6gOfJIm3WeYIc9dXsqQcWC/Y8hp7zO/Ef29jBHaa76ZX3uGgKGgyoo 1XEE0CpIJUsqZkSobkMlmwQkz4fYNm5PGkIxpVGAUUlhEpnPlHsIWX5ADhyUwS8y
UcoEjIx4ZpiqQxUEigKdlpEQdUtCIOSZ1NjSYDRFuCURDI07o1Oi8/HSdb9tNRe4 qGkYWDrB7t5kn+66pwef6HOQdSA+76MdHzsb9NF+5ByvcgSqgEJqVpFs31+hAfTQ
IxfmT7G+oBGbhjZ/bziC/tZX/whXzBdo6eNIBC8XW8hrTDIXVCyqls3igiSqxoFA fH+UefOm7E65GEARG8M2NUUQnMDY/GlXOaeVgbUu60FPbr3M3QlTuAZcBZZTwd+f
WMpQN2gEZ6Yug0zpRCn4fj+dvBobpAle7F/gwZdFeWU/wtDiLQHnBOxPaobR56Qy aDtQt4J2P33qfkJWoH4Lt5qNzcGkucFQliKZ0SI4W0IfpaqWlRTaUcaC6MZClgdN
fIoVVGufmnjbSReSGh1WtFhDt+uJ8zal/EqGWi3IBIFpxjhAuP0= hh/cTP3WruHVsgQKPPO1F1soFCP96cDI1LVeHiYYTLBX0n5JarQ=
=I8mB =AI8Q
-----END PGP SIGNATURE----- -----END PGP SIGNATURE-----