Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #47 from madaidan/msr

Browse Source 
Blacklist CPU MSRs
This commit is contained in:
Patrick Schleizer 2019-12-22 15:26:07 +00:00 committed by GitHub
commit bce02ffdc0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
debian/control vendored
View File

@ -103,6 +103,9 @@ Description: enhances misc security settings
/lib/systemd/system/hide-hardware-info.service
/lib/systemd/system/user@.service.d/sysfs.conf
/etc/hide-hardware-info.d/30_default.conf
.
* The MSR kernel module is blacklisted to prevent CPU MSRs from being
abused to write to arbitrary memory.
.
Improve Entropy Collection
.

3
etc/modprobe.d/msr.conf Normal file
View File

@ -0,0 +1,3 @@
# Blacklist CPU MSRs as they can be abused to write to
# arbitrary memory.
install msr /bin/false