Where are you seeing the disabling algif_aead mitigation?

▲ oskarkk 2 hours ago | parent [-]

> Before you can patch: disable the algif_aead module.

> echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf

> rmmod algif_aead 2>/dev/null || true

Edit: and I can confirm that on my system with kernel 6.19.8 the above fixes the exploit.

	▲	comfydragon 29 minutes ago \| parent [-]
		Weirdly, the mitigation does not seem to work under WSL2 (at least in Ubuntu 24.04). `Linux wsl2 6.6.87.2-microsoft-standard-WSL2 ...` `modprobe algif_aead` errors out, but if I run the POC, it succeeds. Outside of WSL2, the mitigation does appear to work though.