lowkernelverified ✓rollback-safe
Disable cramfs kernel module
kmod-disable-cramfs · RHEL ≥ 8 · 1 impl
Description
The cramfs filesystem is a read-only compressed filesystem. It is rarely needed on production systems and provides an unnecessary attack surface for kernel-level exploits.
Rationale
Removing support for unnecessary filesystems reduces the kernel attack surface. A vulnerability in an unused filesystem module could be exploited if the module is loadable.
Check → Remediate
Checkkernel_module_state
- name:
- cramfs
- state:
- blacklisted
Remediatekernel_module_disable
- name:
- cramfs
Framework references
CIS
rhel8 1.1.1.1rhel9 1.1.1.1rhel10 1.1.1.1
STIG
V-230498V-257880 / RHEL-09-231195
NIST 800-53
CM-7
Live verification
rhel10:checkrhel8:checkrhel9:check
#kernel-module#filesystem#attack-surface