PinTheft Linux LPE
4 points by dzwdz
So the official disclosure sucks. TL;DR: The official mitigation is:
rmmod rds_tcp rds
printf 'install rds /bin/false\ninstall rds_tcp /bin/false\n' > /etc/modprobe.d/pintheft.conf
kernel.modules_disabled=1 would have also saved you here.
> Sadly, the RDS kernel module this requires is only default on Arch Linux among the common distributions we tested.
Interesting word choice. I guess only hitting Arch isn't that good if you market yourself as "dangerously powerful agentic security" (ew). Also, wtf is that weird video in the background of their PoC video?
Anyways. cough. I don't understand what they mean there. Arch has these modules enabled... but seemingly so do most other distros. Debian doesn't autoload these modules, Ubuntu mitigates it too, but the module is there.
Also, I tried testing this on grml as a quick stand-in for Debian, and the results were interesting? Obviously the module didn't get autoloaded (see above), but when I manually load these modules and then run the PoC, it still fails to overwrite the page cache.
I don't know why. I seem to meet all the requirements.
Rapidly increasing urge to start using custom kernel configs with approximately nothing enabled.
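A way to check whether the mitigation quoted in the comment above is in effect on a host, as an added example that is not part of the original comment or of the disclosure. The function names and the four status words are assumptions made here, and only the directory passed in is searched for `install` rules (the comment's rule file lives in /etc/modprobe.d).

```shell
#!/usr/bin/env bash
# Added example: report whether rds / rds_tcp can still be pulled in.
# All inputs are parameters so the check can also run against fixtures.

# True if module $1 appears in a /proc/modules-format file $2.
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$2"
}

# True if a *.conf file in directory $2 maps module $1 to /bin/false or
# /bin/true via an "install" rule (modprobe treats - and _ as equal).
module_blocked() {
    local mod="$1" dir="$2" f
    for f in "$dir"/*.conf; do
        [ -f "$f" ] || continue
        if awk -v m="$mod" '
            $1 == "install" { name = $2; gsub(/-/, "_", name)
                if (name == m && ($3 == "/bin/false" || $3 == "/bin/true")) found = 1 }
            END { exit !found }' "$f"; then
            return 0
        fi
    done
    return 1
}

# Prints: loaded | locked | blocked | loadable
rds_exposure() {
    local proc_modules="$1" modprobe_dir="$2" modules_disabled="$3" mod
    for mod in rds rds_tcp; do
        if module_loaded "$mod" "$proc_modules"; then echo loaded; return; fi
    done
    # With modules_disabled=1 nothing new can be loaded until reboot.
    if [ "$modules_disabled" = 1 ]; then echo locked; return; fi
    for mod in rds rds_tcp; do
        if ! module_blocked "$mod" "$modprobe_dir"; then echo loadable; return; fi
    done
    echo blocked
}

# Check the running system only when asked to.
if [ "${1:-}" = "--live" ]; then
    rds_exposure /proc/modules /etc/modprobe.d \
        "$(cat /proc/sys/kernel/modules_disabled)"
fi
```

`loaded` is reported first because neither the `install` rules nor `modules_disabled` removes a module that is already resident; that case still needs the `rmmod` step.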