On 11/22/2012 6:30 PM, Bryan Drewery wrote: > On 11/22/2012 6:02 PM, FreeBSD Security Advisories wrote: >> IV. Workaround >> >> No workaround is available, but systems not using the Linux binary >> compatibility layer are not vulnerable. >> >> The following command can be used to test if the Linux binary >> compatibility layer is loaded: >> >> # kldstat -m linuxelf > > Is it sufficient to kldunload linux? > > Bryan Assuming it is enough to unload[/recompile/reload], here's a tip if it refuses to unload (in use), assuming no securelevel: > # kldunload linux > kldunload: can't unload file: Device busy > # procstat -ka|grep linux > 40338 100221 bot - mi_switch sleepq_switch sleepq_catch_signals sleepq_timedwait_sig _cv_timedwait_sig kern_select linux_select syscall Xint0x80_syscall > # kill 40338 > # kldunload linux > # kldstat -m linuxelf > kldstat: can't find module linuxelf: No such file or directory -- Regards, Bryan Drewery bdrewery@freenode/EFNet _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"