Artifact Content

Artifact 0c640fb0f175a6ebf0cfe3366902589b289a3344:

Wiki page [kmod-nokeyctl] by rkeene on 2016-01-20 15:43:29.
D 2016-01-20T15:43:29.242
L kmod-nokeyctl
N text/x-markdown
U rkeene
W 462
kmod-nokeyctl
=============

Simple kernel module which disables the keyctl(2) system call to workaround CVE-2016-0728 on vulnerable systems without rebooting until a proper patch can be applied.

Usage
-----

    $ ./configure
    $ make
    $ sudo -i insmod "$(pwd)/nokeyctl.ko"


Verification
------------

    $ sudo dmesg
    ...
    [2811856.665590] [nokeyctl] keyctl syscall disabled


Removal
-------

    $ sudo -i rmmod nokeyctl
Z 591d2229a22b4eed9f59da9949865026