Detections
Analytics

1.106 UBTU-24-600140

Information

The operating system must restrict access to the kernel message buffer.

GROUP ID: V-270749
RULE ID: SV-270749r1067179

Restricting access to the kernel message buffer limits access only to root. This prevents attackers from gaining additional system information as a nonprivileged user.

Solution

Configure the operating system to restrict access to the kernel message buffer.

Add or modify the following line in the "/etc/sysctl.conf" file:

kernel.dmesg_restrict = 1

Remove any configurations that conflict with the above from the following locations:

/run/sysctl.d//etc/sysctl.d//usr/local/lib/sysctl.d//usr/lib/sysctl.d//lib/sysctl.d//etc/sysctl.conf

Reload settings from all system configuration files by using the following command:

$ sudo sysctl --system

See Also

https://workbench.cisecurity.org/benchmarks/22775

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-4, CAT|III, CCI|CCI-001090, CSCv7|9.2, Rule-ID|SV-270749r1067179_rule, STIG-ID|UBTU-24-600140, Vuln-ID|V-270749

Plugin: Unix

Control ID: 08cfd1f7ccdb0f2dc0b5aa2f414c352c59c648fd4610997c4cd237dd98307cc0