STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide

V-258828

CAT II (Medium)

The Photon operating system must restrict access to the kernel message buffer.

Rule ID

SV-258828r933545_rule

STIG

VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-001090

Discussion

Restricting access to the kernel message buffer limits access only to root. This prevents attackers from gaining additional system information as a nonprivileged user.

Check Content

At the command line, run the following command to verify kernel message buffer restrictions are enabled:

# /sbin/sysctl kernel.dmesg_restrict

Example result:

kernel.dmesg_restrict = 1

If the "kernel.dmesg_restrict" kernel parameter is not set to "1", this is a finding.

Fix Text

Navigate to and open:

/etc/sysctl.d/zz-stig-hardening.conf

Add or update the following line:

kernel.dmesg_restrict = 1

At the command line, run the following command to load the new configuration:

# /sbin/sysctl --load /etc/sysctl.d/zz-stig-hardening.conf

Note: If the file zz-stig-hardening.conf does not exist, it must be created.