CCE-90435-9| Platform: cpe:/o:ubuntu:ubuntu_linux:14.10 | Date: (C)2023-07-04 (M)2023-07-04 |
To ensure all processes can be audited, even
those which start prior to the audit daemon, add the argument
<xhtml:code>audit=1</xhtml:code>
to the kernel line in
<xhtml:code>/boot/grub/grub.cfg</xhtml:code>
, in the manner below:
<pre xmlns="http://www.w3.org/1999/xhtml">kernel /vmlinuz-version ro vga=ext root=/dev/VolGroup00/LogVol00 rhgb quiet audit=1</pre>
Parameter:
[]
Technical Mechanism:
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 5.3 | Attack Vector: LOCAL |
| Exploit Score: 1.8 | Attack Complexity: LOW |
| Impact Score: 3.4 | Privileges Required: LOW |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | Scope: UNCHANGED |
| | Confidentiality: LOW |
| | Integrity: LOW |
| | Availability: LOW |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:25926 |
