RHEL 9 must disable acquiring, saving, and processing core dumps.

An XCCDF Rule

Details
Profiles

Description

A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.

ID: SV-257815r991589_rule
Version: RHEL-09-213100
Severity: Medium
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

Configure the system to disable the systemd-coredump.socket with the following command:

$ sudo systemctl mask --now systemd-coredump.socket

Created symlink /etc/systemd/system/systemd-coredump.socket -> /dev/null
Reload the daemon for this change to take effect.

$ sudo systemctl daemon-reload

RHEL 9 must disable acquiring, saving, and processing core dumps.

Description

Remediation Templates

A Manual Procedure