STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide

V-238334

CAT II (Medium)

The Ubuntu operating system must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail.

Rule ID

SV-238334r958550_rule

STIG

Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide

Version

V2R4

CCIs

CCI-001190

Discussion

Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition.

Check Content

Verify that kernel core dumps are disabled unless needed. 
 
Check if "kdump" service is active with the following command: 
 
$ systemctl is-active kdump.service 
inactive 
 
If the "kdump" service is active, ask the SA if the use of the service is required and documented with the ISSO. 
 
If the service is active and is not documented, this is a finding.

Fix Text

If kernel core dumps are not required, disable the "kdump" service with the following command: 
 
$ sudo systemctl disable kdump.service 
 
If kernel core dumps are required, document the need with the ISSO.