Monday 06 July 2026 09:20:38 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Module Blacklisting

A temporary mitigation that prevents selected kernel modules from loading.

Module blacklisting is a defensive control that tells the Linux kernel not to load one or more specific modules. Administrators use it as a temporary mitigation when a module is buggy, abused by attackers, or linked to a security flaw. Instead of removing the whole feature set, blacklisting blocks only the chosen module at boot or load time.

In cyber security, this matters because many attacks depend on kernel modules that expose powerful functionality, such as networking, storage, or crypto services. Blacklisting can stop an exploit path before a patch is available, but it may also disable legitimate capabilities and break dependent services. Defenders should treat it as a short-term containment measure: verify which modules are affected, understand operational impact, and replace the workaround with a proper kernel update or configuration fix as soon as possible.

← WIKICROOK index