II - Mission Support Classified
Rules and Groups employed by this XCCDF Profile
-
RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.
<VulnDiscussion>Address space layout randomization (ASLR) makes it more difficult for an attacker to predict the location of attack code they...Rule Medium Severity -
SRG-OS-000132-GPOS-00067
<GroupDescription></GroupDescription>Group -
RHEL 9 must disable access to network bpf system call from nonprivileged processes.
<VulnDiscussion>Loading and accessing the packet filters programs and maps using the bpf() system call has the potential of revealing sensiti...Rule Medium Severity -
SRG-OS-000132-GPOS-00067
<GroupDescription></GroupDescription>Group -
RHEL 9 must restrict usage of ptrace to descendant processes.
<VulnDiscussion>Unrestricted usage of ptrace allows compromised binaries to run ptrace on other processes of the user. Like this, the attacke...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules