There are a few protocols (such as DCCP) that are very rarely used and will most likely have unknown vulnerabilities. There have been pretty bad vulnerabilities with these in the past and even ones that allow privilege escalation.  
The main ones to disable would be DCCP, SCTP, RDS and TIPC.
They can be disabled by a file in /etc/modprobe.d that has
install dccp /bin/true install sctp /bin/true install rds /bin/true install tipc /bin/true
Tails also disables these.
Their modprobe.d file is here:
Should Whonix disable these? I highly doubt anyone would use these.