UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

SUSE operating system kernel core dumps must be disabled unless needed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-235003 SLES-15-040190 SV-235003r622137_rule Medium
Description
Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition.
STIG Date
SUSE Linux Enterprise Server 15 Security Technical Implementation Guide 2023-03-08

Details

Check Text ( C-38191r619278_chk )
Verify that SUSE operating system kernel core dumps are disabled unless needed.

Check the status of the "kdump" service with the following command:

> systemctl status kdump.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)

If the "kdump" service is active, ask the System Administrator if the use of the service is required and documented with the Information System Security Officer (ISSO).

If the service is active and is not documented, this is a finding.
Fix Text (F-38154r619279_fix)
If SUSE operating system kernel core dumps are not required, disable the "kdump" service with the following command:

> sudo systemctl disable kdump.service

If kernel core dumps are required, document the need with the ISSO.