diff --git a/README.md b/README.md
index 5edecca..82a0656 100644
--- a/README.md
+++ b/README.md
@@ -237,8 +237,8 @@ Kernel space:
   risk and impact of denial-of-service attacks and both cold and warm boot attacks.
 
 - Optional - Force the kernel to immediately panic if it becomes tainted. Some reasons include
-  upon using out of specification hardware, bad page states, severe firmware bugs, and kernel
-  live patching. Can also include the loading of proprietary, out-of-tree, and unsigned modules.
+  upon using out of specification hardware, bad page states, severe firmware bugs. It can also
+  include the loading of proprietary, out-of-tree, and unsigned modules.
 
 - Prevent sensitive kernel information leaks in the console during boot.
 
diff --git a/etc/default/grub.d/40_kernel_hardening.cfg#security-misc-shared b/etc/default/grub.d/40_kernel_hardening.cfg#security-misc-shared
index 4fc70e2..ab4e954 100644
--- a/etc/default/grub.d/40_kernel_hardening.cfg#security-misc-shared
+++ b/etc/default/grub.d/40_kernel_hardening.cfg#security-misc-shared
@@ -167,21 +167,23 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX debugfs=off"
 ## Using kernel documentation can select a subset of taints to create a security policy.
 ## Requires summing the numbers for each taint state and then converting it to a hexadecimal bitmask.
 ## Some example combinations are shown below.
-## Panic on using out of specification hardware: 4 = 0x4.
-## Panic on the above and bad page faults or some unexpected page flags: 36 = 0x24.
-## Panic on the above and severe firmware bugs: 2084 = 0x824.
-## Panic on the above and kernel live patching: 34852 = 0x8824.
-## Panic on the above and the loading of proprietary, out-of-tree, or unsigned modules: 47141 = 0xB825.
+## S - Panic on using out of specification hardware: 4 = 0x4.
+## B - On the above and bad page faults or some unexpected page flags: 36 = 0x24.
+## I - On the above and severe firmware bugs: 2084 = 0x824.
+## N - On the above and if an in-kernel test has been run: 264228 = 0x40824.
+## J - On the above and if userspace used a mutating debug operation: 788516 = 0xC0824.
+## G/P, O, E - On the above and the loading of proprietary, out-of-tree, or unsigned modules: 800805 = 0xC3825.
 ## All must first be tested to ensure there are no pre-existing issues on user hardware.
 ## After confirming stability this enforces strict user-defined kernel operation and security at runtime.
 ##
 ## https://www.kernel.org/doc/html/latest/admin-guide/tainted-kernels.html
 ## https://support.scc.suse.com/s/kb/Tainted-kernel-1583239310621?language=en_US
 ## https://lore.kernel.org/all/20200515175502.146720-1-aquini@redhat.com/T/
+## https://github.com/Kicksecure/security-misc/pull/339
 ##
 ## Note that this must be used with panic=-1 for it to function as intended.
 ##
-#GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX panic_on_taint=0x8824:
+#GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX panic_on_taint=0xC0824
 
 ## Prevent sensitive kernel information leaks in the console during boot.
 ## Must be used in combination with the kernel.printk sysctl.