UBTU-18-010505 - Kernel core dumps must be disabled unless needed.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition.

Solution

If kernel core dumps are not required, disable the 'kdump' service with the following command:

# systemctl disable kdump.service

If kernel core dumps are required, document the need with the Information System Security Officer (ISSO).

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CAN_Ubuntu_18-04_LTS_V2R4_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-24, CAT|II, CCI|CCI-001190, Rule-ID|SV-219335r610963_rule, STIG-ID|UBTU-18-010505, STIG-Legacy|SV-109997, STIG-Legacy|V-100893, Vuln-ID|V-219335

Plugin: Unix

Control ID: a3b4dd10d194f8bff7713b99cb8d3c1df103838b5d78279742486aed035c579e