#!/usr/bin/env bash

# Prevent vulnerable module from ever being loaded
cat > /etc/modprobe.d/blacklist-af-alg.conf <<EOF
blacklist af_alg
blacklist algif_aead
EOF

# Remove the module if it's already loaded
modprobe -r algif_aead
modprobe -r af_alg

# Drop all caches to undo the effects of previous exploit runs
echo 1 > /proc/sys/vm/drop_caches