Details
The cramfs filesystem type is a compressed read-only Linux filesystem embedded in small
footprint systems. A cramfs image can be used without having to first decompress the
image.
*Rationale*
Removing support for unneeded filesystem types reduces the local attack surface of the
server. If this filesystem type is not needed, disable it.
Solution
Edit or create the file /etc/modprobe.d/CIS.conf and add the following line-install cramfs /bin/true
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.