In May 2019, CVE-2019-11815 was reported, which is a vulnerability in the RDS (Reliable Datagram Sockets) kernel module.
Yesterday (23rd July 2019), a kernel patch for the vulnerability was released under USN-4068.
RDS is blacklisted by default in Ubuntu, under the rare-network
modprobe blacklist config file.
However, what can cause RDS to be enabled? Could installing a package from the Apt repositories cause this? Is there a list of packages that can cause it to be enabled? Or would the blacklist always have to be manually removed?
I can see that RDS is definitely not loaded using lsmod
, however I would like to determine whether it could have been loaded in the past, or if there is potential for it to be loaded in the future because of a package or system configuration.