In the next Linux kernel cycle, driver support for Microsoft’s Remote Network Driver Interface Specification (RNDIS) protocol may be disabled upstream due to security concerns.

RNDIS is Microsoft’s proprietary protocol for virtual Ethernet functionality over USB. However, the RNDIS protocol was designed with insufficient security considerations, and it is possible to connect the system to untrusted hosts or devices, making the system insecure and vulnerable. Windows only updates this protocol for systems after XP, and old Windows systems can use ordinary USB class protocols instead. The support for RNDIS on systems other than Windows is uneven, so RNDIS is not currently widely used in a cross-platform environment.

Android has disabled this protocol for many years, and there should be no other system that really needs the RNDIS protocol at this time. And for security reasons, the upstream Linux kernel is moving the RNDIS kernel driver behind the “BROKEN” Kconfig option to disable them in future kernel builds. Once marked as “BROKEN” for a period of time, the RNDIS driver may eventually be removed from the upstream source tree.

Greg Kroah-Hartman created the usb.git rndis-removal branch on Monday, where he disabled all RNDIS protocol drivers.WaitThe patch was successfully submitted, and Microsoft RNDIS protocol support will be completely withdrawn from the Linux kernel.