Ubuntu 22.04 LTS must restrict access to the kernel message buffer.

An XCCDF Rule

Details
Profiles

Description

Restricting access to the kernel message buffer limits access only to root. This prevents attackers from gaining additional system information as a nonprivileged user.

ID: SV-260472r958524_rule
Version: UBTU-22-213010
Severity: Low
References: CCI-001090
Updated: about 2 months ago

Remediation Templates

Configure Ubuntu 22.04 LTS to restrict access to the kernel message buffer. 
 
Add or modify the following line in the "/etc/sysctl.conf" file: 
 
kernel.dmesg_restrict = 1 
 Remove any configurations that conflict with the above from the following locations:  
 
/run/sysctl.d/ 
/etc/sysctl.d/ 
/usr/local/lib/sysctl.d/ 
/usr/lib/sysctl.d/ 
/lib/sysctl.d/ 
/etc/sysctl.conf 
 
Reload settings from all system configuration files by using the following command: 
 
     $ sudo sysctl --system

Ubuntu 22.04 LTS must restrict access to the kernel message buffer.

Description

Remediation Templates

A Manual Procedure