UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The VMM must implement non-executable data to protect its memory from unauthorized code execution.


Overview

Finding ID Version Rule ID IA Controls Severity
V-207503 SRG-OS-000433-VMM-001740 SV-207503r958928_rule Medium
Description
Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Data execution prevention safeguards can either be hardware-enforced or software-enforced with hardware providing the greater strength of mechanism. Examples of attacks are buffer overflow attacks.
STIG Date
Virtual Machine Manager Security Requirements Guide 2024-05-28

Details

Check Text ( C-7760r365913_chk )
Verify the VMM implements non-executable data to protect its memory from unauthorized code execution.

If it does not, this is a finding.
Fix Text (F-7760r365914_fix)
Configure the VMM to implement non-executable data to protect its memory from unauthorized code execution.