SLES-12-010375 - The SUSE operating system must restrict access to the kernel message buffer.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Restricting access to the kernel message buffer limits access only to root. This prevents attackers from gaining additional system information as a nonprivileged user.

Solution

Configure the operating system to restrict access to the kernel message buffer.

Set the system to the required kernel parameter by adding or modifying the following line in /etc/sysctl.conf or a config file in the /etc/sysctl.d/ directory:

kernel.dmesg_restrict = 1

Remove any configurations that conflict with the above from the following locations:
/run/sysctl.d/
/etc/sysctl.d/
/usr/local/lib/sysctl.d/
/usr/lib/sysctl.d/
/lib/sysctl.d/
/etc/sysctl.conf

Reload settings from all system configuration files with the following command:

$ sudo sysctl --system

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLES_12_V2R13_STIG.zip

Item Details

References: CAT|III, CCI|CCI-001090, Rule-ID|SV-255915r880928_rule, STIG-ID|SLES-12-010375, Vuln-ID|V-255915

Plugin: Unix

Control ID: 5fb6989e7a388ea1c2bcaf694f7555574dc0b779d5aa9936288c1cc83a116ac6