A flaw was found in the Linux kernels implementation of the DCCP protocol. When reusing a socket with an attached dccps_hc_tx_ccid as a listener, it will be used after being released, leading to DoS and potentially code execution. When a DCCP socket is cloned, the pointers to dccps_hc_rx_ccid and dccps_hc_tx_ccid are copied. When CCID features are activated on the child socket, the CCID objects are freed, leaving the parent socket with dangling pointers.
Red Hat has previously automatically blacklisted the DCCP module in Red Hat Enterprise Linux 7.5 and later in /etc/modprobe.d/dccp-blacklist.conf.
If this file does not exist with the above contents, the module can be prevented loading by running the command
# echo "install dccp /bin/true" >> /etc/modprobe.d/dccp-blacklist.conf
The system will need to be restarted if the DCCP module is loaded. In most circumstances, the DCCP kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.
If the system requires this module to work correctly, this mitigation may not be suitable.
If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
The DCCP protocol is not a 'built in' or autoloaded protocol. A networked system sending DCCP packets to another host will not automatically load the dccp kernel module. The host must been or be using the DCCP protocol for it to load the kernel module on-demand.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1888083]
FEDORA-2020-ce117eff51 has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.
I spent some time further confirming the bahvior. No RH products are affected as the commit is definitley required to work correctly.
I hope that answers your question chaekim.