mirror of
https://github.com/NixOS/nixos-hardware.git
synced 2025-11-04 17:27:14 +08:00
b09586b101
The broadcom-sta driver package is marked as insecure due to CVE-2019-9501 and CVE-2019-9502 (heap buffer overflow vulnerabilities allowing remote code execution). The driver is also unmaintained and incompatible with modern Linux kernel security mitigations. Removed broadcom_sta from extraModulePackages and the corresponding "wl" kernel module. This resolves test failures where Nixpkgs refuses to evaluate configurations containing this insecure package.