STIGQter: STIG Summary: Oracle Linux 7 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle Linux 7 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-221846r603260_rule
V-221846
SRG-OS-000433-GPOS-00193
OL07-00-040201
CAT II
10
Configure the operating system implement virtual address space randomization.
Set the system to the required kernel parameter by adding the following line to "/etc/sysctl.conf" or a config file in the /etc/sysctl.d/ directory (or modify the line to have the required value):
kernel.randomize_va_space = 2
Issue the following command to make the changes take effect:
# sysctl --system
Verify the operating system implements virtual address space randomization.
# grep kernel.randomize_va_space /etc/sysctl.conf /etc/sysctl.d/*
kernel.randomize_va_space = 2
If "kernel.randomize_va_space" is not configured in the /etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or does not have a value of "2", this is a finding.
Check that the operating system implements virtual address space randomization with the following command:
# /sbin/sysctl -a | grep kernel.randomize_va_space
kernel.randomize_va_space = 2
If "kernel.randomize_va_space" does not have a value of "2", this is a finding.
V-221846
False
OL07-00-040201
Verify the operating system implements virtual address space randomization.
# grep kernel.randomize_va_space /etc/sysctl.conf /etc/sysctl.d/*
kernel.randomize_va_space = 2
If "kernel.randomize_va_space" is not configured in the /etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or does not have a value of "2", this is a finding.
Check that the operating system implements virtual address space randomization with the following command:
# /sbin/sysctl -a | grep kernel.randomize_va_space
kernel.randomize_va_space = 2
If "kernel.randomize_va_space" does not have a value of "2", this is a finding.
M
4089