STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

Kernel core dumps must be disabled unless needed.

DISA Rule

SV-219335r610963_rule

Vulnerability Number

V-219335

Group Title

SRG-OS-000184-GPOS-00078

Rule Version

UBTU-18-010505

Severity

CAT II

CCI(s)

• CCI-001190 - The information system fails to an organization-defined known-state for organization-defined types of failures.

Weight

10

Fix Recommendation

If kernel core dumps are not required, disable the "kdump" service with the following command:

# systemctl disable kdump.service

If kernel core dumps are required, document the need with the Information System Security Officer (ISSO).

Check Contents

Verify that kernel core dumps are disabled unless needed.

Check if "kdump" service is active with the following command:

# systemctl is-active kdump.service
inactive

If the "kdump" service is active, ask the System Administrator if the use of the service is required and documented with the Information System Security Officer (ISSO).

If the service is active and is not documented, this is a finding.

Vulnerability Number

V-219335

Documentable

False

Rule Version

UBTU-18-010505

Severity Override Guidance

Verify that kernel core dumps are disabled unless needed.

Check if "kdump" service is active with the following command:

# systemctl is-active kdump.service
inactive

If the "kdump" service is active, ask the System Administrator if the use of the service is required and documented with the Information System Security Officer (ISSO).

If the service is active and is not documented, this is a finding.

Check Content Reference

M

Target Key

4055

Comments