Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22579 | GEN008480 | SV-26970r4_rule | Low |
Description |
---|
USB is a common computer peripheral interface. USB devices may include storage devices that could be used to install malicious software on a system or exfiltrate data. |
STIG | Date |
---|---|
Solaris 10 X86 Security Technical Implementation Guide | 2019-06-24 |
Check Text ( C-27917r6_chk ) |
---|
If the system needs a particular USB driver for storage, this vulnerability is not applicable. Check the current loaded kernel modules: # modinfo | grep usb_ac # modinfo | grep usb_as # modinfo | grep hid # modinfo | grep scsa2usb # modinfo | grep usbprn # modinfo | grep usbser_edge If any command produces output, this is a finding. Check the configuration of the /etc/system file: # grep 'exclude: usb_ac' /etc/system # grep 'exclude: usb_as' /etc/system # grep 'exclude: hid' /etc/system # grep 'exclude: scsa2usb' /etc/system # grep 'exclude: usbprn' /etc/system # grep 'exclude: usbser_edge' /etc/system If no results are returned from any particular command, this is a finding. |
Fix Text (F-24232r6_fix) |
---|
Prevent the USB drivers from loading: # echo "exclude: usb_ac" >> /etc/system # echo "exclude: usb_as" >> /etc/system # echo "exclude: hid" >> /etc/system # echo "exclude: scsa2usb" >> /etc/system # echo "exclude: usbprn" >> /etc/system # echo "exclude: usbser_edge" >> /etc/system The system must be restarted for these changes to take effect. |