The Oracle Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values.

An XCCDF Rule

Description

<VulnDiscussion>Without cryptographic integrity protections, system command and files can be altered by unauthorized users without detection. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the key used to generate the hash.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-221653r1015161_rule
Severity: High
References: CCI-001749 CCI-003992
Updated: 17 days ago

Run the following command to determine which package owns the file:

# rpm -qf <filename>

The package can be reinstalled from a yum repository using the command:
# sudo yum reinstall <packagename>

Alternatively, the package can be reinstalled from trusted media using the command:

# sudo rpm -Uvh <packagename>

The Oracle Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values.

Description

Remediation - Manual Procedure