UBTU-20-010413 - The Ubuntu operating system must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail.

Information

Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition.

Solution

If kernel core dumps are not required, disable the 'kdump' service with the following command:

$ sudo systemctl disable kdump.service

If kernel core dumps are required, document the need with the ISSO.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CAN_Ubuntu_20-04_LTS_V1R12_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-24, CAT|II, CCI|CCI-001190, Rule-ID|SV-238334r654177_rule, STIG-ID|UBTU-20-010413, Vuln-ID|V-238334

Plugin: Unix

Control ID: 0ee2b0ea7aa0253400d746e4ce91bc5fa89bed3ba56a25e190ef1da33f4cf5f2