OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • ZombieLoad, RIDL, Fallout, MDS mitigations
« previous next »
  • Print
Pages: [1]

Author Topic: ZombieLoad, RIDL, Fallout, MDS mitigations  (Read 1984 times)

s3ns0r

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
ZombieLoad, RIDL, Fallout, MDS mitigations
« on: May 15, 2019, 05:19:49 am »
Hello,
FreeBSD just updated the devcpu-data port which has the recent Intel Microcode
updates for those 4 vulnerabilities:
https://www.freshports.org/sysutils/devcpu-data/

How does OPNSense handles microcode updates?

The only thing I found about this was this open issue:
https://github.com/opnsense/plugins/issues/1137

Do we have to add it manually or is there a better way addressing this?
I can probably hack around this and backport patches from FreeBSD and devcpu-data manually
but it will break future updates and is a totally ugly solution.

On systems like OPNsense such vulnerabilities should be addressed with more priority
since many of us run them as virtual appliances, partially with untrusted guests on the same physical CPU.

Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17707
  • Karma: 1618
    • View Profile
Re: ZombieLoad, RIDL, Fallout, MDS mitigations
« Reply #1 on: May 15, 2019, 08:39:43 am »
There are two threads in this forum when you search for "devcpu-data". The first one is this topic. The other one holds the answer to your question.


Cheers,
Franco
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • ZombieLoad, RIDL, Fallout, MDS mitigations
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2