In light of all the new potential Linux kernel "bugs," Jasper Nuyens created a simple script to place all unused modules (not currently loaded) in "module jail" i.e.the kernel cannot load them. Good temporary hygiene until things get cleaned up.
Read more here: github.com/jnuyens/modu...
github.com
Proactively shrink a Linux host's kernel-module attack surface by blacklisting every module not currently in use. - jnuyens/modulejail
