1

In May 2019, CVE-2019-11815 was reported, which is a vulnerability in the RDS (Reliable Datagram Sockets) kernel module.

Yesterday (23rd July 2019), a kernel patch for the vulnerability was released under USN-4068.

RDS is blacklisted by default in Ubuntu, under the rare-network modprobe blacklist config file.

However, what can cause RDS to be enabled? Could installing a package from the Apt repositories cause this? Is there a list of packages that can cause it to be enabled? Or would the blacklist always have to be manually removed?

I can see that RDS is definitely not loaded using lsmod, however I would like to determine whether it could have been loaded in the past, or if there is potential for it to be loaded in the future because of a package or system configuration.

jamieweb
  • 250
  • 1
  • 2
  • 6

0 Answers0