STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021

The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution.

DISA Rule

SV-219342r610963_rule

Vulnerability Number

V-219342

Group Title

SRG-OS-000433-GPOS-00193

Rule Version

UBTU-18-010514

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Set the "kernel.randomize_va_space" entry found in the "/etc/sysctl.conf" file to a value of "2".

After the line has been modified, the kernel settings from all system configuration files must be reloaded before any of the changes will take effect.

Run the following command to reload all of the kernel system configuration files:

# sudo sysctl --system

Check Contents

Verify the Ubuntu operating system implements address space layout randomization (ASLR).

Check that ASLR is configured on the system with the following command:

# sudo sysctl kernel.randomize_va_space

kernel.randomize_va_space = 2

Verify the kernel parameter "randomize_va_space" is set to 2 with the following command:

# cat /proc/sys/kernel/randomize_va_space

2

If "kernel.randomize_va_space" is not set to 2, this is a finding.

Check that the saved value of the kernel.randomize_va_space variable is not different from 2.

# sudo egrep -R "^kernel.randomize_va_space=[^2]" /etc/sysctl.conf /etc/sysctl.d

If this returns a result, this is a finding.
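
The egrep pattern above only matches assignments written with no whitespace around "=", so a persisted line such as "kernel.randomize_va_space = 0" does not match it. The script below is an added example, not part of the STIG text, that performs the same persisted and runtime checks while tolerating whitespace, comment lines, a leading "-" and the slash-separated key form. The function names and the "audit" argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not STIG text): audit the persisted and runtime ASLR setting.

# Print "file:line: text" for each active kernel.randomize_va_space assignment
# whose value is not 2. Arguments are files, or directories searched for *.conf
# (the suffix `sysctl --system` loads).
aslr_persisted_findings() {
    for target in "$@"; do
        if [ -d "$target" ]; then find "$target" -type f -name '*.conf'
        elif [ -f "$target" ]; then printf '%s\n' "$target"; fi
    done | sort | while IFS= read -r file; do
        awk -v f="$file" '
            /^[ \t]*[#;]/ { next }                    # skip comment lines
            {
                line = $0
                sub(/^[ \t]*-?[ \t]*/, "", line)      # indent and optional "-" prefix
                if (line !~ "^kernel[./]randomize_va_space[ \t]*=") next
                val = line
                sub(/^[^=]*=[ \t]*/, "", val)         # keep only the value
                sub(/[ \t]+$/, "", val)
                if (val != "2") printf "%s:%d: %s\n", f, NR, $0
            }' "$file"
    done
}

# Succeed only if the running kernel reports full randomization (2).
# $1 overrides the procfs path so the check can be exercised on a copy.
aslr_runtime_ok() {
    [ "$(cat "${1:-/proc/sys/kernel/randomize_va_space}" 2>/dev/null)" = "2" ]
}

# Full audit against the paths the STIG check names; returns 1 on a finding.
aslr_audit() {
    findings=$(aslr_persisted_findings /etc/sysctl.conf /etc/sysctl.d)
    status=0
    if [ -n "$findings" ]; then printf 'FINDING (persisted):\n%s\n' "$findings"; status=1; fi
    if ! aslr_runtime_ok; then echo 'FINDING (runtime): value is not 2'; status=1; fi
    [ "$status" -eq 0 ] && echo 'PASS: kernel.randomize_va_space = 2'
    return "$status"
}

# Run the audit only when asked, e.g. `sh aslr_audit.sh audit`.
if [ "${1:-}" = "audit" ]; then aslr_audit; fi
```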

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

4055

Comments