STIGQter: STIG Summary: VMware vSphere 6.7 Photon OS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

The Photon operating system must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.

DISA Rule

SV-239140r675228_rule

Vulnerability Number

V-239140

Group Title

SRG-OS-000433-GPOS-00193

Rule Version

PHTN-67-000069

Severity

CAT II

CCI(s)

CCI-002824 - The information system implements organization-defined security safeguards to protect its memory from unauthorized code execution.

Weight

Fix Recommendation

Open /etc/sysctl.d/50-security-hardening.conf with a text editor.

Ensure that the "randomize_va_space" is uncommented and set to the following:

kernel.randomize_va_space=2

At the command line, execute the following command:

# sysctl --system

Check Contents

At the command line, execute the following command:

# cat /proc/sys/kernel/randomize_va_space

If the value of "randomize_va_space" is not "2", this is a finding.

Vulnerability Number

V-239140

Documentable

False

Rule Version

PHTN-67-000069

Severity Override Guidance

At the command line, execute the following command:

# cat /proc/sys/kernel/randomize_va_space

If the value of "randomize_va_space" is not "2", this is a finding.

Check Content Reference

Target Key

5323

The Photon operating system must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments