STIGQter STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail.

DISA Rule

SV-238334r654177_rule

Vulnerability Number

V-238334

Group Title

SRG-OS-000184-GPOS-00078

Rule Version

UBTU-20-010413

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

If kernel core dumps are not required, disable the "kdump" service with the following command:

$ sudo systemctl disable kdump.service

If kernel core dumps are required, document the need with the ISSO.

Check Contents

Verify that kernel core dumps are disabled unless needed.

Check if "kdump" service is active with the following command:

$ systemctl is-active kdump.service
inactive

If the "kdump" service is active, ask the SA if the use of the service is required and documented with the ISSO.

If the service is active and is not documented, this is a finding.

Vulnerability Number

V-238334

Documentable

False

Rule Version

UBTU-20-010413

Severity Override Guidance

Verify that kernel core dumps are disabled unless needed.

Check if "kdump" service is active with the following command:

$ systemctl is-active kdump.service
inactive

If the "kdump" service is active, ask the SA if the use of the service is required and documented with the ISSO.

If the service is active and is not documented, this is a finding.

Check Content Reference

M

Target Key

5318

Comments