On Thu, Apr 30, 2026 at 7:32 AM Ben Koenig via PLUG <[email protected]> wrote:
> > The algif_aead kernel module needs to be loaded and su needs to readable > by non-root users. (-rwsr-xr-x). The python script is pretty simple so > chances are some systems are not as directly vulnerable. > > On the systems I found vulnerable, just rmmod'ing the kernel module was insufficient, because it was reloaded on demand. So, not having it loaded isn't enough, at least in those circumstances. -- Russell Senior [email protected]
