UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Ubuntu 22.04 LTS must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail.


Overview

Finding ID Version Rule ID IA Controls Severity
V-260473 UBTU-22-213015 SV-260473r953232_rule Medium
Description
Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition.
STIG Date
Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide 2024-03-21

Details

Check Text ( C-64202r953230_chk )
Verify that kernel core dumps are disabled unless needed by using the following command:

$ systemctl status kdump.service
kdump.service
Loaded: masked (Reason: Unit kdump.service is masked.)
Active: inactive (dead)

If "kdump.service" is not masked and inactive, ask the system administrator (SA) if the use of the service is required and documented with the information system security officer (ISSO).

If the service is active and is not documented, this is a finding.
Fix Text (F-64110r953231_fix)
If kernel core dumps are not required, disable and mask "kdump.service" by using the following command:

$ sudo systemctl mask kdump --now

If kernel core dumps are required, document the need with the ISSO.