FreeBSD MDS Mitigation
Kevin
labadore at protonmail.ch
Wed Jul 10 16:37:56 UTC 2019
Hello list. I am reading this page about FreeBSD security [ https://vez.mrsk.me/freebsd-defaults.html ] and it says the Intel MDS mitigation is off by default. So I tried.
% sysctl hw.mds_disable_state
hw.mds_disable_state: inactive
Now I see the instructions in the advisory, but what about anyone who didn't? Or who did a new install and didn't read past advisories?
I have an Intel CPU that is vulnerable. By applying the update and installing the microcode package, I thought I was safe.
Why? Why does FreeBSD let its users be vulnerable?
More information about the freebsd-security
mailing list