Welcome to MidnightBSD

MidnightBSD is a BSD-derived operating system developed with desktop users in mind. It includes all the software you'd expect for your daily tasks — email, web browsing, word processing, gaming, and much more.

With a small community of dedicated developers, MidnightBSD strives to create an easy-to-use operating system everyone can use, freely. Available for x86, AMD64 and as Virtual Machines.

Get MidnightBSD

Latest Release - 1.2.8

Release Notes

News »

Sun, 13 Sep 2020 20:44

Folks have been asking me about webcams lately.  I've previously gotten an integrated cam on my thi

Read more...

Thu, 10 Sep 2020 15:03

It's now possible to install 2.0-CURRENT from a 1.2.7 machine with some caveats.  This is only test

Read more...

Tue, 08 Sep 2020 14:15

Current was recently renamed 2.0 (rather than 1.3) in case we need to do a security upate past 1.2.9

Read more...

Tue, 08 Sep 2020 14:14

The go port has been updated in mports to 1.14.3.  (lang/go)  This should allow newer go apps to b

Read more...

Security »

September 23, 2020

MidnightBSD 1.2.10
udf: Validate the full file entry length
Otherwise a corrupted file entry containing invalid extended attribute lengths or allocation descriptor lengths can trigger an overflow when the file entry is loaded.
Discovered by: C Turt

Read more ...

September 15, 2020

MidnightBSD 1.2.9
ftpd
A ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the file system restriction configured in ftpchroot(5). Moreover, the bug allows a malicious client to gain root privileges.

bhyve
AMD and Intel CPUs support hardware virtualization using specialized data structures that control various aspects of guest operation. These are the Virtual Machine Control Structure (VMCS) on Intel CPUs, and the Virtual Machine Control Block (VMCB) on AMD CPUs. Insufficient access controls allow root users, including those running in a jail, to change these data structures.
A number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped.

Read more ...

View available mports

MidnightBSD App Store