← Back to context Comment by globular-toast 10 hours ago Is it built as a module in most distros? 2 comments globular-toast Reply dsr_ 5 hours ago It is built as a module in Debian.lsmod shows it is not loaded on any of the Trixie or Bookworm machines I have checked, Intel or AMD. tomxor 2 hours ago FYI it's dynamically loaded on demand, so lsmod will show it after you try run the exploit, or you can explicitly load it with: modprobe algif_aead The following mitigation (from the article) does work for Debian 12 and 13, I've tested this: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true First line blocks it from loading, second line is unloading it if it's already been loaded. You can test with the same "modprobe algif_aead".
dsr_ 5 hours ago It is built as a module in Debian.lsmod shows it is not loaded on any of the Trixie or Bookworm machines I have checked, Intel or AMD. tomxor 2 hours ago FYI it's dynamically loaded on demand, so lsmod will show it after you try run the exploit, or you can explicitly load it with: modprobe algif_aead The following mitigation (from the article) does work for Debian 12 and 13, I've tested this: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true First line blocks it from loading, second line is unloading it if it's already been loaded. You can test with the same "modprobe algif_aead".
tomxor 2 hours ago FYI it's dynamically loaded on demand, so lsmod will show it after you try run the exploit, or you can explicitly load it with: modprobe algif_aead The following mitigation (from the article) does work for Debian 12 and 13, I've tested this: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true First line blocks it from loading, second line is unloading it if it's already been loaded. You can test with the same "modprobe algif_aead".
It is built as a module in Debian.
lsmod shows it is not loaded on any of the Trixie or Bookworm machines I have checked, Intel or AMD.
FYI it's dynamically loaded on demand, so lsmod will show it after you try run the exploit, or you can explicitly load it with:
The following mitigation (from the article) does work for Debian 12 and 13, I've tested this:
First line blocks it from loading, second line is unloading it if it's already been loaded. You can test with the same "modprobe algif_aead".