Details
The operating system must disable Kernel core dumps unless needed.
Rationale:
Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition.
Solution
If kernel core dumps are not required, disable the kdump service with the following command:
# systemctl disable kdump.service
If kernel core dumps are required, document the need with the Authorizing Official.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.
References
- 800-53|CM-6b.
- CCI|CCI-000366
- CSCv6|9.1
- CSCv7|5.1
- Rule-ID|SV-204492r603261_rule
- STIG-ID|RHEL-07-021300