diff --git a/etc/sysctl.d/30_security-misc.conf b/etc/sysctl.d/30_security-misc.conf
index 846670e..d14b46d 100644
--- a/etc/sysctl.d/30_security-misc.conf
+++ b/etc/sysctl.d/30_security-misc.conf
@@ -126,7 +126,10 @@ net.ipv4.tcp_timestamps=0
 ## https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079/
 kernel.sysrq=132
 
-## Restrict loading line disciplines to CAP_SYS_MODULE to prevent
+## Restrict loading TTY line disciplines to CAP_SYS_MODULE to prevent
 ## unprivileged attackers from loading vulnerable line disciplines
-## with the TIOCSETD ioctl to exploit them.
+## with the TIOCSETD ioctl which has been used in exploits before
+## such as https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
+##
+## https://lkml.org/lkml/2019/4/15/890
 dev.tty.ldisc_autoload=0
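Review bot: The expanded comment above `dev.tty.ldisc_autoload=0` still does not say that this key only exists on kernels that carry the patch referenced by the LKML link, so on older kernels applying this file produces an error for the key rather than the intended hardening. Whether the rest of the file is still applied depends on the loader (systemd-sysctl appears to log and continue, `sysctl -p` without `-e` may not), which is worth stating so an operator does not mistake the error for a typo. Suggested addition after the LKML line: `## Only present on kernels that include the change linked above; on older kernels the loader reports the key as missing and the setting has no effect.` The rest of the comment block is in the hunk and reads clearly as revised.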