So, there're are a bunch of kernel modules that we don't use. Some of them are known to have (multiple) security holes in them.
It's been proposed that we blacklist any modules that we don't use, with these risks.
So, one we blacklisted recently was rds
another suggested one is net-pf-9
MOAR MODULES HERE