Detections
Analytics

1.48 RHEL-09-214035

Information

RHEL 9 must remove all software components after updated versions have been installed.

GROUP ID: V-257824
RULE ID: SV-257824r1044886

Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by some adversaries.

Solution

Configure RHEL 9 to remove all software components after updated versions have been installed.

Edit the file /etc/dnf/dnf.conf by adding or editing the following line:

clean_requirements_on_remove=True

See Also

https://workbench.cisecurity.org/benchmarks/22008

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-2(6), CAT|III, CCI|CCI-002617, Rule-ID|SV-257824r1044886_rule, STIG-ID|RHEL-09-214035, Vuln-ID|V-257824

Plugin: Unix

Control ID: d2544ce7b309a721120eff74500a606a5b960e3f2edec82dcae9c764af8c5890