Comment by tomxor
3 hours ago
FYI it's dynamically loaded on demand, so lsmod will show it after you try run the exploit, or you can explicitly load it with:
modprobe algif_aead
The following mitigation (from the article) does work for Debian 12 and 13, I've tested this:
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true
First line blocks it from loading, second line is unloading it if it's already been loaded. You can test with the same "modprobe algif_aead".
No comments yet
Contribute on Hacker News ↗