Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
RHEL 9 must be configured to disable the FireWire kernel module.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-257806 | RHEL-09-213055 | SV-257806r958478_rule | Medium |
| Description |
|---|
| Disabling firewire protects the system against exploitation of any flaws in its implementation. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 9 Security Technical Implementation Guide | 2024-06-04 |
Details
| Check Text ( C-61547r925403_chk ) |
|---|
| Verify that RHEL 9 disables the ability to load the firewire-core kernel module with the following command: $ sudo grep -r firewire-core /etc/modprobe.conf /etc/modprobe.d/* blacklist firewire-core If the command does not return any output, or the line is commented out, and use of firewire-core is not documented with the information system security officer (ISSO) as an operational requirement, this is a finding. |
| Fix Text (F-61471r942954_fix) |
|---|
| To configure the system to prevent the firewire-core kernel module from being loaded, add the following line to the file /etc/modprobe.d/firewire-core.conf (or create firewire-core.conf if it does not exist): install firewire-core /bin/false blacklist firewire-core |