FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
Roger Marquis
marquis at roble.com
Wed Jan 28 23:09:14 UTC 2015
>> >> If SCTP is NOT compiled in the kernel, are you still vulnerable ?
>> >
>> > No -- we should have mentioned that too. For GENERIC kernel however
>> > SCTP is compiled in.
>>
>> Should probably fix that too, in GENERIC, considering how little used this
>> protocol is.
>
> It is not used much because there is not critical mass and you want
> to reduce what little there is out there? It is a good thing that
> it is in GENERIC.
While this isn't the place to enumerate the issues with SCTP (beyond the
recent advisories) I hope we're not putting anything in the GENERIC kernel for
advocacy purposes. Cannot the few who want to use it simply compile their own
kernel?
Roger
More information about the freebsd-security
mailing list