RHEL 8 must be configured to disable USB mass storage.
An XCCDF Rule
Description
<VulnDiscussion>USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity. Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-230503r942936_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the operating system to disable the ability to use the USB Storage kernel module and the ability to use USB mass storage devices.
Add or update the following lines in the file "/etc/modprobe.d/blacklist.conf":
install usb-storage /bin/false
blacklist usb-storage