projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: db32e90) | patch
hamradio: Disable auto-loading as mitigation against local exploits
authorBen Hutchings <ben@decadent.org.uk>
Sun, 4 Aug 2019 23:29:11 +0000 (00:29 +0100)
committerBen Hutchings <benh@debian.org>
Tue, 9 Jun 2020 17:50:00 +0000 (18:50 +0100)
commit2667af30209899ccf087245c6032c48c6a8ddae5
tree077de773d478a7c539f7f53115c5fda7078f212ftree | snapshot
parentdb32e90595fb45f7fcb5e7e11d1420d1fe500b94commit | diff
hamradio: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.

The 'ham' radio protocols (ax25, netrom, rose) are not actively
maintained or widely used.  Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name hamradio-disable-auto-loading-as-mitigation-against-local-exploits.patch
net/ax25/af_ax25.c diff | blob | history
net/netrom/af_netrom.c diff | blob | history
net/rose/af_rose.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.