fix: remove description while writing out mod file (#8485)

Co-authored-by: aks-node-assistant[bot] <190555641+aks-node-assistant[bot]@users.noreply.github.com>

Author: awesomenix

parts/linux/cloud-init/artifacts/cse_main.sh

@@ -61,7 +61,7 @@ disableVulnerableKernelModule() {
     local mod="$1"
     local desc="$2"
 
-    printf '# %s\ninstall %s /bin/false\nblacklist %s\n' "$desc" "$mod" "$mod" > "/etc/modprobe.d/disable-${mod}.conf"
+    printf 'install %s /bin/false\nblacklist %s\n' "$mod" "$mod" > "/etc/modprobe.d/disable-${mod}.conf"
 
     if grep -q "^${mod} " /proc/modules 2>/dev/null; then
         if modprobe -r "$mod" 2>/dev/null; then

parts/linux/cloud-init/nodecustomdata.yml

@@ -25,6 +25,16 @@ write_files:
     Any overridden files will be listed here - Hotfix mode
     Example: {{GetCSEHelpersScriptFilepath}}
 
+
+# ---- hotfix: auto-generated by hotfix-generate GH Action ----
+- path: /opt/azure/containers/provision.sh
+  permissions: "0744"
+  encoding: gzip
+  owner: root
+  content: !!binary |
+    {{GetVariableProperty "cloudInitData" "provisionScript"}}
+
+# ---- end hotfix ----
 {{- else }}
 - path: {{GetCSEHelpersScriptFilepath}}
   permissions: "0744"

spec/parts/linux/cloud-init/artifacts/cse_main_disable_modules_spec.sh

@@ -30,7 +30,6 @@ Describe 'disableVulnerableKernelModule()'
         The file "${MODPROBE_DIR}/disable-algif_aead.conf" should be exist
         The contents of file "${MODPROBE_DIR}/disable-algif_aead.conf" should include "install algif_aead /bin/false"
         The contents of file "${MODPROBE_DIR}/disable-algif_aead.conf" should include "blacklist algif_aead"
-        The contents of file "${MODPROBE_DIR}/disable-algif_aead.conf" should include "CVE-2026-31431"
     End
 
     It 'creates separate config files per module'