add workaround for CVE-2009-2692

Signed-off-by: Nico Schottelius <nico@ikn.schottelius.org>
2009-08-14 13:38:25 +02:00 · 2009-08-14 13:38:25 +02:00 · eecebe22b5
parent 31461434cb
commit eecebe22b5
1 changed files with 34 additions and 0 deletions
--- a/linux/workaround_CVE-2009-2692.sh
+++ b/linux/workaround_CVE-2009-2692.sh
@ -0,0 +1,34 @@
+#!/bin/sh
+# 
+# 2009      Nico Schottelius (nico-linux at schottelius.org)
+# 
+# This file is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+# 
+# This file is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this file. If not, see <http://www.gnu.org/licenses/>.
+#
+
+cat << eof >> /etc/modprobe.d/aliases
+alias net-pf-10 off
+alias ipv6 off
+alias ib_ipoib off
+alias net-pf-3 off
+alias net-pf-4 off
+alias net-pf-5 off
+alias net-pf-9 off
+alias net-pf-23 off
+alias net-pf-24 off
+alias net-pf-31 off
+eof
+
+echo "You have to reboot your system (press enter to do so)"
+read rebootme
+reboot