[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-91165-1

Platform: cpe:/o:ubuntu:ubuntu_linux:14.04Date: (C)2017-03-14   (M)2023-07-04



Ensure Biosdevname is not enabled (Scored) "'biosdevname' is an external tool that works with the udev framework for naming devices. 'biosdevname' uses three methods to determine NIC names: 1. PCI firmware spec.3.1 2. smbios (matches # after ""em"" to OEM # printed on board or housing) 3. PCI IRQ Routing Table (uses # of NIC position in the device history). If the BIOS does not support biosdevname, no NICs' are re-named."


Parameter:

[exists/does_not_exist]


Technical Mechanism:

biosdevname is an external tool that works with the udev framework for custom renaming of system hardware connections made by the kernel and BIOS. As allowing the re- naming of devices can severely disrupt network communications by creating resource conflicts and provide an attack vector for denial of service exploits, this capability should be disabled or restricted according to the needs of the organization. Fix: Uninstall the biosdevname package: # apt-get purge biosdevname

CCSS Severity:CCSS Metrics:
CCSS Score : 6.7Attack Vector: LOCAL
Exploit Score: 0.8Attack Complexity: LOW
Impact Score: 5.9Privileges Required: HIGH
Severity: MEDIUMUser Interaction: NONE
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:33885


OVAL    1
oval:org.secpod.oval:def:33885
XCCDF    1
xccdf_org.secpod_benchmark_general_Ubuntu_14_04

© SecPod Technologies