| RHEL-08-030302 - Successful/unsuccessful uses of the mount syscall in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030361 - Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030390 - Successful/unsuccessful uses of the delete_module command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030490 - Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030550 - Successful/unsuccessful uses of the sudo command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030630 - RHEL 8 audit tools must be owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030640 - RHEL 8 audit tools must be group-owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030660 - RHEL 8 must allocate audit record storage capacity to store at least one week of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-040209 - RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040370 - The gssproxy package must not be installed unless mission essential on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-212040 - RHEL 9 must clear the page allocator to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-213070 - RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-213075 - RHEL 9 must disable access to network bpf system call from nonprivileged processes. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-213090 - RHEL 9 must disable storing core dumps. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213095 - RHEL 9 must disable core dumps for all users. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213100 - RHEL 9 must disable acquiring, saving, and processing core dumps. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213105 - RHEL 9 must disable the use of user namespaces. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231035 - RHEL 9 must use a separate file system for /var/tmp. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231070 - RHEL 9 must prevent code from being executed on file systems that are imported via Network File System (NFS). | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231075 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232100 - RHEL 9 /etc/group- file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232103 - RHEL 9 "/etc/audit/" must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-232125 - RHEL 9 /etc/gshadow- file must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232175 - RHEL 9 /var/log directory must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-232180 - RHEL 9 /var/log/messages file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-232245 - A sticky bit must be set on all RHEL 9 public directories. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-232250 - All RHEL 9 local files and directories must have a valid group owner. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-251035 - RHEL 9 must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-252045 - RHEL 9 must not have unauthorized IP tunnels configured. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-252050 - RHEL 9 must be configured to prevent unrestricted mail relaying. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253015 - RHEL 9 must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253025 - RHEL 9 must log IPv4 packets with impossible addresses. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253030 - RHEL 9 must log IPv4 packets with impossible addresses by default. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253040 - RHEL 9 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255115 - RHEL 9 SSH server configuration files' permissions must not be modified. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255125 - RHEL 9 SSH public host key files must have mode 0644 or less permissive. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255150 - RHEL 9 SSH daemon must not allow known hosts authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271090 - RHEL 9 effective dconf policy must match the policy keyfiles. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411065 - All RHEL 9 local interactive user home directories defined in the /etc/passwd file must exist. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411115 - Local RHEL 9 initialization files must not execute world-writable programs. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-432020 - RHEL 9 must use the invoking user's password for privilege escalation when using "sudo". | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-611045 - RHEL 9 must ensure the password complexity module is enabled in the system-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-653075 - RHEL 9 audit system must audit local events. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-010499 - The SUSE operating system must use a file integrity tool to verify correct operation of all security functions. | DISA SLES 12 STIG v3r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
