sid/synix
1
0
Fork 0
Code Issues 6 Pull requests 2 Projects Activity Actions

fix CVE-2026-43500
All checks were successful
Flake check / flake-check (pull_request) Successful in 23s
Details
Build tests / build-hosts (pull_request) Successful in 29s
Details

Browse source
This commit is contained in:
sid 2026-05-09 08:39:38 +02:00
parent fe6df369cb
commit 997c4a98dc
1 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
modules/nixos/common/boot.nix
View file

@ -5,4 +5,16 @@
boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "6.18.22") ( boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "6.18.22") (
lib.mkDefault pkgs.linuxPackages_6_18 lib.mkDefault pkgs.linuxPackages_6_18
); );
# fix CVE-2026-43500
boot.extraModprobeConfig = ''
install esp4 ${pkgs.coreutils}/bin/false
install esp6 ${pkgs.coreutils}/bin/false
install rxrpc ${pkgs.coreutils}/bin/false
'';
boot.blacklistedKernelModules = [
"esp4"
"esp6"
"rxrpc"
];
} }