Disable n_gsm module

The n_gsm module appears to suffer from various security relevant issues:

https://lore.kernel.org/all/DB9PR10MB5881D2170678C169FB42A423E0082@DB9PR10MB5881.EURPRD10.PROD.OUTLOOK.COM/

Attaching N_GSM0710 ldisc requires CAP_NET_ADMIN since kernel 6.6, and that change has now also been backported to older kernel release branches, but Greg Kroah-Hartman still recommends disabling CONFIG_N_GSM at build time:

https://www.openwall.com/lists/oss-security/2024/04/17/1

It seems wise to follow his recommendation.

Also tagging @anthraxx because this is also relevant for linux-hardened.

Edited Apr 17, 2024 by Pascal Ernster

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Disable n_gsm module