lenn/nixos-hardware
1
0
Fork 0
mirror of https://github.com/NixOS/nixos-hardware.git synced 2025-11-03 16:57:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove insecure broadcom-sta driver from hardware profiles

Browse Source 
The broadcom-sta driver package is marked as insecure due to CVE-2019-9501
and CVE-2019-9502 (heap buffer overflow vulnerabilities allowing remote code
execution). The driver is also unmaintained and incompatible with modern
Linux kernel security mitigations.

Removed broadcom_sta from extraModulePackages and the corresponding "wl" kernel module.

This resolves test failures where Nixpkgs refuses to evaluate configurations
containing this insecure package.
This commit is contained in:
Jörg Thalheim
2025-10-30 13:03:59 +01:00
parent e214e292a6
commit b09586b101
5 changed files with 0 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
apple/imac/14-2/default.nix
View File

@@ -29,7 +29,6 @@
"bcma"
];
kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "6.0") pkgs.linuxPackages_latest;
extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
};
hardware = {