Remove insecure broadcom-sta driver from hardware profiles

The broadcom-sta driver package is marked as insecure due to CVE-2019-9501
and CVE-2019-9502 (heap buffer overflow vulnerabilities allowing remote code
execution). The driver is also unmaintained and incompatible with modern
Linux kernel security mitigations.

Removed broadcom_sta from extraModulePackages and the corresponding "wl" kernel module.

This resolves test failures where Nixpkgs refuses to evaluate configurations
containing this insecure package.
This commit is contained in:
Jörg Thalheim 2025-10-30 13:03:59 +01:00
parent e214e292a6
commit b09586b101
5 changed files with 0 additions and 16 deletions

View file

@ -3,8 +3,6 @@
{
imports = [ ../. ];
boot.kernelModules = [ "wl" ];
boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
boot.blacklistedKernelModules = [ "bcma" ];
boot = {