adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold
SF16-FMR driver is a small kernel patch (should work with kernel 2.2.14 and probably other 2.2.x kernels) to make the SF16-RFM radio card (From Typhoon/MediaForte/etc.) work with all tuner programs.
Simple Multi-Threading kernel is an add-on for the Libero programming tool that lets you write portable high-performance multithreaded programs based on Libero's finite-state machine (FSM) design method.
Solar Designer's non-executable stack patch
Solar Designer's non-executable stack patch is a collection of security-related features for the Linux kernel, all configurable via the new 'Security options' configuration section.
suser-jengelh Kernel Patchset
suser-jengelh Kernel Patchset is a patch collection for the Linux kernel. It includes code from a lot of projects, such as ttyrpld, MultiAdmin, parts of NF POM, cdfs, unionfs, and various accumulated bugfixes still not present in the vanilla kernel.
suser-jengelh/ccj kernel patchset
The suser-jengelh kernel patchset contains a number of accumulated fixes as well as new features such as ttyrpld, multiadm, chaostables, various netfilter extensions, and other improvements.
Sysmask is a security enhancement package for Linux systems, featuring interactive security reactions, protection against both system level and user level networking risks, capability of disarming many kernel vulnerabilities, etc. It can protect the system integrity against vulnerabilities in the great majority of codes, whether known or unknown, patched or non-patched, in user programs, libraries or the kernel.
TiVo's kernel mods
some modifications to the Linux PPC kernel
TOMOYO Linux is an extension for Linux to provide mandatory access control (MAC) functions. It is provided in the form of patches to the Linux vanilla kernel and utilities for policy management. Read more
a port of the Linux kernel to its own system call interface. It runs in a set of processes, resulting in a user-mode virtual machine
Micro-Second Resolution Timers for Linux
V86-64 is a Linux kernel patch which adds the vm86() system call currently missing in the x86-64 Linux kernel. It lets DOS programs to run under DOSEMU natively without CPU emulation.
vanheusden.com Linux-kernel security patch
includes code for the following things:
- random PID
- random port-numbers for IPv4, NAT, IPv6
- enhanced random-values for networking
xlike Kernel Patchset
xlike Kernel Patchset is a patch collection for the Linux vanilla kernel. It includes as many stable enhancements for the Linux kernel as possible. These include code from Kernel Mode Linux, Rule Set Based Access Control, Novell AppArmor, Openswan, grsecurity, Ndiswrapper, web100, Nefilters, Suspend2, Speakup, Amiga Smart File System, Cdemu, SquashFS, fbsplash, QuadDSP, and more. It also contains many drivers and fixes.