> having a module that a local administrator can load

This is a successful local privilege escalation, so local administrator privs were not needed. In default configuration of all distros, apparently.

> If you want to block module loads, you’re one sysctl flag away.

The modules aren't really the point, it's that unnecessary features (to 99% of us?) were accessible by default without privs.