mitre · DMedina6 · Sep 12, 2024 · Sep 12, 2024 · Sep 12, 2024
diff --git a/controls/SV-257777.rb b/controls/SV-257777.rb
@@ -16,7 +16,7 @@
   tag severity: 'high'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag gid: 'V-257777'
-  tag rid: 'SV-257777r925318_rule'
+  tag rid: 'SV-257777r991589_rule'
   tag stig_id: 'RHEL-09-211010'
   tag fix_id: 'F-61442r925317_fix'
   tag cci: ['CCI-000366']

diff --git a/controls/SV-257778.rb b/controls/SV-257778.rb
@@ -27,7 +27,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag gid: 'V-257778'
-  tag rid: 'SV-257778r925321_rule'
+  tag rid: 'SV-257778r991589_rule'
   tag stig_id: 'RHEL-09-211015'
   tag fix_id: 'F-61443r925320_fix'
   tag cci: ['CCI-000366']

diff --git a/controls/SV-257779.rb b/controls/SV-257779.rb
@@ -49,7 +49,7 @@
   tag gtitle: 'SRG-OS-000023-GPOS-00006'
   tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']
   tag gid: 'V-257779'
-  tag rid: 'SV-257779r925324_rule'
+  tag rid: 'SV-257779r958390_rule'
   tag stig_id: 'RHEL-09-211020'
   tag fix_id: 'F-61444r925323_fix'
   tag cci: ['CCI-000048', 'CCI-001384', 'CCI-001385', 'CCI-001386', 'CCI-001387', 'CCI-001388']

diff --git a/controls/SV-257780.rb b/controls/SV-257780.rb
diff --git a/controls/SV-257781.rb b/controls/SV-257781.rb
@@ -16,7 +16,7 @@
   tag check_id: 'C-61522r925328_chk'
   tag severity: 'medium'
   tag gid: 'V-257781'
-  tag rid: 'SV-257781r925330_rule'
+  tag rid: 'SV-257781r991589_rule'
   tag stig_id: 'RHEL-09-211030'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag fix_id: 'F-61446r925329_fix'

diff --git a/controls/SV-257782.rb b/controls/SV-257782.rb
@@ -24,7 +24,7 @@
   tag severity: 'low'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag gid: 'V-257782'
-  tag rid: 'SV-257782r942961_rule'
+  tag rid: 'SV-257782r991589_rule'
   tag stig_id: 'RHEL-09-211035'
   tag fix_id: 'F-61447r925332_fix'
   tag cci: ['CCI-000366']

diff --git a/controls/SV-257783.rb b/controls/SV-257783.rb
@@ -16,7 +16,7 @@
   tag check_id: 'C-61524r925334_chk'
   tag severity: 'medium'
   tag gid: 'V-257783'
-  tag rid: 'SV-257783r925336_rule'
+  tag rid: 'SV-257783r991562_rule'
   tag stig_id: 'RHEL-09-211040'
   tag gtitle: 'SRG-OS-000269-GPOS-00103'
   tag fix_id: 'F-61448r925335_fix'

diff --git a/controls/SV-257784.rb b/controls/SV-257784.rb
@@ -27,7 +27,7 @@
   tag severity: 'high'
   tag gtitle: 'SRG-OS-000324-GPOS-00125'
   tag gid: 'V-257784'
-  tag rid: 'SV-257784r925339_rule'
+  tag rid: 'SV-257784r958726_rule'
   tag stig_id: 'RHEL-09-211045'
   tag fix_id: 'F-61449r925338_fix'
   tag cci: ['CCI-000366', 'CCI-002235']

diff --git a/controls/SV-257785.rb b/controls/SV-257785.rb
@@ -19,7 +19,7 @@
   tag severity: 'high'
   tag gtitle: 'SRG-OS-000324-GPOS-00125'
   tag gid: 'V-257785'
-  tag rid: 'SV-257785r925342_rule'
+  tag rid: 'SV-257785r958726_rule'
   tag stig_id: 'RHEL-09-211050'
   tag fix_id: 'F-61450r925341_fix'
   tag cci: ['CCI-000366', 'CCI-002235']

diff --git a/controls/SV-257786.rb b/controls/SV-257786.rb
@@ -25,7 +25,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000324-GPOS-00125'
   tag gid: 'V-257786'
-  tag rid: 'SV-257786r943026_rule'
+  tag rid: 'SV-257786r958726_rule'
   tag stig_id: 'RHEL-09-211055'
   tag fix_id: 'F-61451r943025_fix'
   tag cci: ['CCI-000366', 'CCI-002235']

diff --git a/controls/SV-257787.rb b/controls/SV-257787.rb
@@ -31,7 +31,7 @@
   tag check_id: 'C-61528r925346_chk'
   tag severity: 'medium'
   tag gid: 'V-257787'
-  tag rid: 'SV-257787r925348_rule'
+  tag rid: 'SV-257787r958472_rule'
   tag stig_id: 'RHEL-09-212010'
   tag gtitle: 'SRG-OS-000080-GPOS-00048'
   tag fix_id: 'F-61452r925347_fix'

diff --git a/controls/SV-257788.rb b/controls/SV-257788.rb
@@ -16,7 +16,7 @@
   tag check_id: 'C-61529r925349_chk'
   tag severity: 'medium'
   tag gid: 'V-257788'
-  tag rid: 'SV-257788r925351_rule'
+  tag rid: 'SV-257788r991589_rule'
   tag stig_id: 'RHEL-09-212015'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag fix_id: 'F-61453r925350_fix'

diff --git a/controls/SV-257789.rb b/controls/SV-257789.rb
@@ -26,7 +26,7 @@
   tag check_id: 'C-61530r943053_chk'
   tag severity: 'high'
   tag gid: 'V-257789'
-  tag rid: 'SV-257789r943055_rule'
+  tag rid: 'SV-257789r958472_rule'
   tag stig_id: 'RHEL-09-212020'
   tag gtitle: 'SRG-OS-000080-GPOS-00048'
   tag fix_id: 'F-61454r943054_fix'

diff --git a/controls/SV-257790.rb b/controls/SV-257790.rb
@@ -16,7 +16,7 @@
   tag check_id: 'C-61531r925355_chk'
   tag severity: 'medium'
   tag gid: 'V-257790'
-  tag rid: 'SV-257790r925357_rule'
+  tag rid: 'SV-257790r991589_rule'
   tag stig_id: 'RHEL-09-212025'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag fix_id: 'F-61455r925356_fix'

diff --git a/controls/SV-257791.rb b/controls/SV-257791.rb
@@ -16,7 +16,7 @@
   tag check_id: 'C-61532r925358_chk'
   tag severity: 'medium'
   tag gid: 'V-257791'
-  tag rid: 'SV-257791r925360_rule'
+  tag rid: 'SV-257791r991589_rule'
   tag stig_id: 'RHEL-09-212030'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag fix_id: 'F-61456r925359_fix'

diff --git a/controls/SV-257792.rb b/controls/SV-257792.rb
@@ -2,9 +2,7 @@
   title 'RHEL 9 must disable virtual system calls.'
   desc 'System calls are special routines in the Linux kernel, which userspace applications ask to do privileged tasks. Invoking a system call is an expensive operation because the processor must interrupt the currently executing task and switch context to kernel mode and then back to userspace after the system call completes. Virtual system calls map into user space a page that contains some variables and the implementation of some system calls. This allows the system calls to be executed in userspace to alleviate the context switching expense.
 
-Virtual system calls provide an opportunity of attack for a user who has control of the return instruction pointer. Disabling virtual system calls help to prevent return oriented programming (ROP) attacks via buffer overflows and overruns. If the system intends to run containers based on RHEL 6 components, then virtual system calls will need enabled so the components function properly.
-
-'
+Virtual system calls provide an opportunity of attack for a user who has control of the return instruction pointer. Disabling virtual system calls help to prevent return oriented programming (ROP) attacks via buffer overflows and overruns. If the system intends to run containers based on RHEL 6 components, then virtual system calls will need enabled so the components function properly.'
   desc 'check', %q(Verify the current GRUB 2 configuration disables virtual system calls with the following command:
 
 $ sudo grubby --info=ALL | grep args | grep -v 'vsyscall=none'
@@ -30,7 +28,7 @@
   tag check_id: 'C-61533r925361_chk'
   tag severity: 'medium'
   tag gid: 'V-257792'
-  tag rid: 'SV-257792r925363_rule'
+  tag rid: 'SV-257792r991589_rule'
   tag stig_id: 'RHEL-09-212035'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag fix_id: 'F-61457r925362_fix'

diff --git a/controls/SV-257793.rb b/controls/SV-257793.rb
@@ -29,7 +29,7 @@
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag satisfies: ['SRG-OS-000134-GPOS-00068', 'SRG-OS-000433-GPOS-00192', 'SRG-OS-000480-GPOS-00227']
   tag gid: 'V-257793'
-  tag rid: 'SV-257793r925366_rule'
+  tag rid: 'SV-257793r991589_rule'
   tag stig_id: 'RHEL-09-212040'
   tag fix_id: 'F-61458r925365_fix'
   tag cci: ['CCI-001084', 'CCI-000366']

diff --git a/controls/SV-257794.rb b/controls/SV-257794.rb
@@ -19,7 +19,7 @@
 
 GRUB_CMDLINE_LINUX="slub_debug=P"
 
-If "slub_debug" is not set to "P", is missing or commented out, this is a finding.)
+If "slub_debug" does not contain "P", is missing, or is commented out, this is a finding.)
   desc 'fix', 'Configure RHEL  to enable poisoning of SLUB/SLAB objects with the following commands:
 
 $ sudo grubby --update-kernel=ALL --args="slub_debug=P"
@@ -33,7 +33,7 @@
   tag gtitle: 'SRG-OS-000433-GPOS-00192'
   tag satisfies: ['SRG-OS-000134-GPOS-00068', 'SRG-OS-000433-GPOS-00192']
   tag gid: 'V-257794'
-  tag rid: 'SV-257794r925369_rule'
+  tag rid: 'SV-257794r958928_rule'
   tag stig_id: 'RHEL-09-212045'
   tag fix_id: 'F-61459r925368_fix'
   tag cci: ['CCI-001084', 'CCI-002824']

diff --git a/controls/SV-257795.rb b/controls/SV-257795.rb
@@ -28,7 +28,7 @@
   tag severity: 'low'
   tag gtitle: 'SRG-OS-000433-GPOS-00193'
   tag gid: 'V-257795'
-  tag rid: 'SV-257795r925372_rule'
+  tag rid: 'SV-257795r958928_rule'
   tag stig_id: 'RHEL-09-212050'
   tag fix_id: 'F-61460r925371_fix'
   tag cci: ['CCI-000381', 'CCI-002824']

diff --git a/controls/SV-257796.rb b/controls/SV-257796.rb
@@ -33,7 +33,7 @@
   tag gtitle: 'SRG-OS-000037-GPOS-00015'
   tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000473-GPOS-00218', 'SRG-OS-000254-GPOS-00095']
   tag gid: 'V-257796'
-  tag rid: 'SV-257796r925375_rule'
+  tag rid: 'SV-257796r958412_rule'
   tag stig_id: 'RHEL-09-212055'
   tag fix_id: 'F-61461r925374_fix'
   tag cci: ['CCI-000169', 'CCI-000130', 'CCI-000135', 'CCI-000172', 'CCI-001464', 'CCI-002884']

diff --git a/controls/SV-257797.rb b/controls/SV-257797.rb
@@ -38,7 +38,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000132-GPOS-00067'
   tag gid: 'V-257797'
-  tag rid: 'SV-257797r942965_rule'
+  tag rid: 'SV-257797r958514_rule'
   tag stig_id: 'RHEL-09-213010'
   tag fix_id: 'F-61462r925377_fix'
   tag cci: ['CCI-001090', 'CCI-001082']

diff --git a/controls/SV-257798.rb b/controls/SV-257798.rb
@@ -37,7 +37,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000132-GPOS-00067'
   tag gid: 'V-257798'
-  tag rid: 'SV-257798r942967_rule'
+  tag rid: 'SV-257798r958514_rule'
   tag stig_id: 'RHEL-09-213015'
   tag fix_id: 'F-61463r925380_fix'
   tag cci: ['CCI-001090', 'CCI-001082']

diff --git a/controls/SV-257799.rb b/controls/SV-257799.rb
@@ -32,11 +32,11 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag gid: 'V-257799'
-  tag rid: 'SV-257799r942969_rule'
+  tag rid: 'SV-257799r997051_rule'
   tag stig_id: 'RHEL-09-213020'
   tag fix_id: 'F-61464r925383_fix'
-  tag cci: ['CCI-001749', 'CCI-000366']
-  tag nist: ['CM-5 (3)', 'CM-6 b']
+  tag cci: ['CCI-001749', 'CCI-000366', 'CCI-003992']
+  tag nist: ['CM-5 (3)', 'CM-6 b', 'CM-14']
   tag 'host'
 
   only_if('Control not applicable within a container', impact: 0.0) {

diff --git a/controls/SV-257800.rb b/controls/SV-257800.rb
@@ -26,7 +26,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000132-GPOS-00067'
   tag gid: 'V-257800'
-  tag rid: 'SV-257800r942971_rule'
+  tag rid: 'SV-257800r958514_rule'
   tag stig_id: 'RHEL-09-213025'
   tag fix_id: 'F-61465r925386_fix'
   tag cci: ['CCI-000366', 'CCI-001082', 'CCI-002824']

diff --git a/controls/SV-257801.rb b/controls/SV-257801.rb
@@ -33,7 +33,7 @@
   tag gtitle: 'SRG-OS-000312-GPOS-00123'
   tag satisfies: ['SRG-OS-000312-GPOS-00122', 'SRG-OS-000312-GPOS-00123', 'SRG-OS-000312-GPOS-00124', 'SRG-OS-000324-GPOS-00125']
   tag gid: 'V-257801'
-  tag rid: 'SV-257801r925390_rule'
+  tag rid: 'SV-257801r958702_rule'
   tag stig_id: 'RHEL-09-213030'
   tag fix_id: 'F-61466r925389_fix'
   tag cci: ['CCI-002165', 'CCI-002235']

diff --git a/controls/SV-257802.rb b/controls/SV-257802.rb
@@ -33,7 +33,7 @@
   tag gtitle: 'SRG-OS-000312-GPOS-00123'
   tag satisfies: ['SRG-OS-000312-GPOS-00122', 'SRG-OS-000312-GPOS-00123', 'SRG-OS-000312-GPOS-00124', 'SRG-OS-000324-GPOS-00125']
   tag gid: 'V-257802'
-  tag rid: 'SV-257802r925393_rule'
+  tag rid: 'SV-257802r958702_rule'
   tag stig_id: 'RHEL-09-213035'
   tag fix_id: 'F-61467r925392_fix'
   tag cci: ['CCI-002165', 'CCI-002235']

diff --git a/controls/SV-257803.rb b/controls/SV-257803.rb
@@ -30,7 +30,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000480-GPOS-00227'
   tag gid: 'V-257803'
-  tag rid: 'SV-257803r942973_rule'
+  tag rid: 'SV-257803r991589_rule'
   tag stig_id: 'RHEL-09-213040'
   tag fix_id: 'F-61468r925395_fix'
   tag cci: ['CCI-000366']

diff --git a/controls/SV-257804.rb b/controls/SV-257804.rb
@@ -17,7 +17,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000095-GPOS-00049'
   tag gid: 'V-257804'
-  tag rid: 'SV-257804r925399_rule'
+  tag rid: 'SV-257804r958478_rule'
   tag stig_id: 'RHEL-09-213045'
   tag fix_id: 'F-61469r925398_fix'
   tag cci: ['CCI-000381']

diff --git a/controls/SV-257805.rb b/controls/SV-257805.rb
@@ -17,7 +17,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000095-GPOS-00049'
   tag gid: 'V-257805'
-  tag rid: 'SV-257805r925402_rule'
+  tag rid: 'SV-257805r958478_rule'
   tag stig_id: 'RHEL-09-213050'
   tag fix_id: 'F-61470r925401_fix'
   tag cci: ['CCI-000381']

diff --git a/controls/SV-257806.rb b/controls/SV-257806.rb
@@ -17,7 +17,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000095-GPOS-00049'
   tag gid: 'V-257806'
-  tag rid: 'SV-257806r942955_rule'
+  tag rid: 'SV-257806r958478_rule'
   tag stig_id: 'RHEL-09-213055'
   tag fix_id: 'F-61471r942954_fix'
   tag cci: ['CCI-000381']

diff --git a/controls/SV-257807.rb b/controls/SV-257807.rb
@@ -28,9 +28,9 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000095-GPOS-00049'
   tag gid: 'V-257807'
-  tag rid: 'SV-257807r925408_rule'
+  tag rid: 'SV-257807r958478_rule'
   tag stig_id: 'RHEL-09-213060'
-  tag fix_id: 'F-61472r925407_fix'
+  tag fix_id: 'F-61472r952165_fix'
   tag cci: ['CCI-000381']
   tag nist: ['CM-7 a']
   tag 'host'

diff --git a/controls/SV-257808.rb b/controls/SV-257808.rb
@@ -21,7 +21,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000095-GPOS-00049'
   tag gid: 'V-257808'
-  tag rid: 'SV-257808r925411_rule'
+  tag rid: 'SV-257808r958478_rule'
   tag stig_id: 'RHEL-09-213065'
   tag fix_id: 'F-61473r925410_fix'
   tag cci: ['CCI-000381']

diff --git a/controls/SV-257809.rb b/controls/SV-257809.rb
@@ -27,7 +27,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000433-GPOS-00193'
   tag gid: 'V-257809'
-  tag rid: 'SV-257809r942975_rule'
+  tag rid: 'SV-257809r958928_rule'
   tag stig_id: 'RHEL-09-213070'
   tag fix_id: 'F-61474r925413_fix'
   tag cci: ['CCI-002824', 'CCI-000366']

diff --git a/controls/SV-257810.rb b/controls/SV-257810.rb
@@ -1,7 +1,7 @@
 control 'SV-257810' do
   title 'RHEL 9 must disable access to network bpf system call from nonprivileged processes.'
   desc 'Loading and accessing the packet filters programs and maps using the bpf() system call has the potential of revealing sensitive information about the kernel state.'
-  desc 'check', %q(Verify RHEL 9 prevents privilege escalation thru the kernel by disabling access to the bpf system call with the following commands:
+  desc 'check', %q(Verify that RHEL 9 prevents privilege escalation through the kernel by disabling access to the bpf system call with the following commands:
 
 $ sudo sysctl kernel.unprivileged_bpf_disabled
 
@@ -14,7 +14,7 @@
 $ sudo /usr/lib/systemd/systemd-sysctl --cat-config | egrep -v '^(#|;)' | grep -F kernel.unprivileged_bpf_disabled | tail -1
 kernel.unprivileged_bpf_disabled = 1
 
-If the network parameter "ipv4.tcp_syncookies" is not equal to "1", or nothing is returned, this is a finding.)
+If the network parameter "kernel.unprivileged_bpf_disabled" is not equal to "1", or nothing is returned, this is a finding.)
   desc 'fix', 'Configure RHEL 9 to prevent privilege escalation thru the kernel by disabling access to the bpf syscall by adding the following line to a file, in the "/etc/sysctl.d" directory:
 
 kernel.unprivileged_bpf_disabled = 1
@@ -27,7 +27,7 @@
   tag severity: 'medium'
   tag gtitle: 'SRG-OS-000132-GPOS-00067'
   tag gid: 'V-257810'
-  tag rid: 'SV-257810r942977_rule'
+  tag rid: 'SV-257810r958514_rule'
   tag stig_id: 'RHEL-09-213075'
   tag fix_id: 'F-61475r925416_fix'
   tag cci: ['CCI-000366', 'CCI-001082']