UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Kernel core dumps must be disabled unless needed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22404 GEN003510 SV-26604r1_rule ECSC-1 Medium
Description
Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a considerable amount of disk space and may result in Denial of Service by exhausting the available space on the target file system. The kernel core dump process may increase the amount of time a system is unavailable due to a crash. Kernel core dumps can be useful for kernel debugging.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2013-01-17

Details

Check Text ( C-27645r1_chk )
Verify the kdump service is not running.

Procedure:
# service kdump status
If "Kdump is operational" is returned, this is a finding.
Fix Text (F-23849r1_fix)
Disable kdump.
# service kdump stop
# chkconfig kdump off