Kernel panic timeout

An XCCDF Rule

Details
Profiles
Prose

Description

Set the timeout value (in seconds) until a reboot occurs when the kernel panics. A timeout of 0 configures the system to wait forever. With a timeout value greater than 0, the system will wait the specified amount of seconds before rebooting. While a timeout value less than 0 makes the system reboot immediately. The configuration that was used to build kernel is available at /boot/config-*. To check the configuration value for CONFIG_PANIC_TIMEOUT, run the following command: grep CONFIG_PANIC_TIMEOUT /boot/config-* For each kernel installed, a line with value "" should be returned.

warning alert: Warning

There is no remediation for this besides re-compiling the kernel with the appropriate value for the config.

Rationale

This is required to enable protection against Spectre v2.

ID: xccdf_org.ssgproject.content_rule_kernel_config_panic_timeout
Severity: Medium
References: BP28(R19)
Updated: about 1 year ago