From: Florian Westphal <[email protected]> redhat: disable dccp conntrack support
DCCP is already disabled in RHEL. Judging from activity on the upstream development mailing list and the "syszkaller" dccp related reports there are no real users of this protocol. Disable dccp conntrack support. We've had use-after-free and out-of-bounds acesses (now fixed) in this code in the past, its clear that this is only "used" by fuzzers. Signed-off-by: Florian Westphal <[email protected]> diff --git a/redhat/configs/common/generic/CONFIG_NF_CT_PROTO_DCCP b/redhat/configs/common/generic/CONFIG_NF_CT_PROTO_DCCP index blahblah..blahblah 100644 --- a/redhat/configs/common/generic/CONFIG_NF_CT_PROTO_DCCP +++ b/redhat/configs/common/generic/CONFIG_NF_CT_PROTO_DCCP @@ -1 +1 @@ -CONFIG_NF_CT_PROTO_DCCP=y +# CONFIG_NF_CT_PROTO_DCCP is not set -- https://gitlab.com/cki-project/kernel-ark/-/merge_requests/2823 -- _______________________________________________ kernel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
