CCI|CCI-002824

Title

The information system implements organization-defined security safeguards to protect its memory from unauthorized code execution.

Reference Item Details

Category: 2013

Audit Items

View all Reference Audit Items

NamePluginAudit Name
AIX7-00-003096 - AIX must set Stack Execution Disable (SED) system wide mode to all.UnixDISA STIG AIX 7.x v2r9
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
Monterey - Configure the System to Protect Memory from Unauthorized Code ExecutionUnixNIST macOS Monterey v1.0.0 - All Profiles
OL07-00-040201 - The Oracle Linux operating system must implement virtual address space randomization.UnixDISA Oracle Linux 7 STIG v2r13
OL08-00-010420 - OL 8 must implement non-executable data to protect its memory from unauthorized code execution.UnixDISA Oracle Linux 8 STIG v1r8
OL08-00-010430 - OL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution - ASLR to protect its memory from unauthorized code executionUnixDISA Oracle Linux 8 STIG v1r8
PHTN-30-000065 - The Photon operating system must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.UnixDISA STIG VMware vSphere 7.0 Photon OS v1r2
PHTN-67-000069 - The Photon operating system must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.UnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
RHEL-08-010420 - RHEL 8 must implement non-executable data to protect its memory from unauthorized code execution.UnixDISA Red Hat Enterprise Linux 8 STIG v1r12
RHEL-08-010430 - RHEL 8 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code executionUnixDISA Red Hat Enterprise Linux 8 STIG v1r12
RHEL-09-212045 - RHEL 9 must clear SLUB/SLAB objects to prevent use-after-free attacks.UnixDISA Red Hat Enterprise Linux 9 STIG v1r1
RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities.UnixDISA Red Hat Enterprise Linux 9 STIG v1r1
RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access.UnixDISA Red Hat Enterprise Linux 9 STIG v1r1
RHEL-09-213070 - RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.UnixDISA Red Hat Enterprise Linux 9 STIG v1r1
RHEL-09-213110 - RHEL 9 must implement nonexecutable data to protect its memory from unauthorized code execution.UnixDISA Red Hat Enterprise Linux 9 STIG v1r1
SLES-12-030320 - The SUSE operating system must implement kptr-restrict to prevent the leaking of internal kernel addresses.UnixDISA SLES 12 STIG v2r12
SLES-12-030330 - Address space layout randomization (ASLR) must be implemented by the SUSE operating system to protect memory from unauthorized code execution.UnixDISA SLES 12 STIG v2r12
SLES-15-010540 - The SUSE operating system must implement kptr-restrict to prevent the leaking of internal kernel addresses.UnixDISA SLES 15 STIG v1r11
SLES-15-010550 - Address space layout randomization (ASLR) must be implemented by the SUSE operating system to protect memory from unauthorized code execution.UnixDISA SLES 15 STIG v1r11
UBTU-16-030130 - The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-16-030140 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010513 - The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 18.04 LTS v2r12
UBTU-18-010514 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 18.04 LTS v2r12
UBTU-20-010447 - The Ubuntu operating system must implement nonexecutable data to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 20.04 LTS v1r10
UBTU-20-010447 - The Ubuntu operating system must implement nonexecutable data to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 20.04 LTS v1r7
UBTU-20-010448 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution - procUnixDISA STIG Ubuntu 20.04 LTS v1r7
UBTU-20-010448 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution - sysctlUnixDISA STIG Ubuntu 20.04 LTS v1r7
UBTU-20-010448 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 20.04 LTS v1r7
UBTU-20-010448 - The Ubuntu operating system must implement address space layout randomization to protect its memory from unauthorized code execution.UnixDISA STIG Ubuntu 20.04 LTS v1r10
WINCC-000078 - EMET system-wide Address Space Layout Randomization (ASLR) must be enabled and configured to Application Opt In.WindowsDISA Windows Vista STIG v6r41
WINCC-000079 - EMET Default Protections for Internet Explorer must be enabled.WindowsDISA Windows Vista STIG v6r41
WINCC-000080 - EMET Default Protections for Recommended Software must be enabled. - Acrobat.exeWindowsDISA Windows Vista STIG v6r41
WINCC-000080 - EMET Default Protections for Recommended Software must be enabled. - AcroRd32.exeWindowsDISA Windows Vista STIG v6r41
WINCC-000080 - EMET Default Protections for Recommended Software must be enabled. - EXCEL.EXEWindowsDISA Windows Vista STIG v6r41