The severity is LOW as this is a legal mandate rather than a security vulnerability, though it could have significant operational impacts on FOSS projects. Real-world exploitability does not apply here; compliance with legislation is the primary concern.
US state laws require OS providers to implement age verification mechanisms, impacting FOSS vendors significantly due to compliance challenges. This legislation could result in fines for non-compliance and may force some FOSS projects to restrict usage.
Affected Systems
- FreeBSD (MidnightBSD)
- Linux distributions like Fedora and Linux Mint
- OSX/macOS
Affected Versions: All versions
Remediation
- Review legislative requirements for age verification in operating systems.
- Consider modifying licensing to restrict use where legislation is incompatible with FOSS principles.
- Implement necessary changes to comply with state laws or prepare legal arguments against enforcement.
Stack Impact
This impacts the core of OS functionality and could affect user accounts, app stores, and software applications interfacing with these systems.