diff --git a/usr/lib/sysctl.d/990-security-misc.conf b/usr/lib/sysctl.d/990-security-misc.conf
index c43ca19..93efe26 100644
--- a/usr/lib/sysctl.d/990-security-misc.conf
+++ b/usr/lib/sysctl.d/990-security-misc.conf
@@ -467,6 +467,9 @@ net.ipv6.conf.*.accept_redirects=0
 ## Reduces IP spoofing attacks by limiting the scope of allowable ARP responses.
 ##
 ## https://cyber.gouv.fr/sites/default/files/document/linux_configuration-en-v2.pdf
+## https://github.com/mullvad/mullvadvpn-app/blob/main/audits/2024-12-10-X41-D-Sec.md#mllvd-cr-24-03-virtual-ip-address-of-tunnel-device-leaks-to-network-adjacent-participant-severity-medium
+## https://github.com/mullvad/mullvadvpn-app/pull/7141
+## https://www.x41-dsec.de/static/reports/X41-Mullvad-Audit-Public-Report-2024-12-10.pdf
 ##
 #net.ipv4.conf.*.arp_ignore=2