SRG-OS-000433-GPOS-00192 Controls

STIG IDVersionTitleProduct
RHEL-08-010420V1R6RHEL 8 must implement non-executable data to protect its memory from unauthorized code execution.
SLES-15-010540V1R4The SUSE operating system must implement kptr-restrict to prevent the leaking of internal kernel addresses.
WN19-CC-000310V3R1Windows Server 2019 Explorer Data Execution Prevention must be enabled.
UBTU-18-010513V2R12The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution.
UBTU-20-010447V1R6The Ubuntu operating system must implement non-executable data to protect its memory from unauthorized code execution.
SLES-12-030320V3R1The SUSE operating system must implement kptr-restrict to prevent the leaking of internal kernel addresses.
ALMA-09-044570V1R1AlmaLinux OS 9 must implement nonexecutable data to protect its memory from unauthorized code execution.
ALMA-09-044680V1R1AlmaLinux OS 9 must enable mitigations against processor-based vulnerabilities.
ALMA-09-044790V1R1AlmaLinux OS 9 must clear SLUB/SLAB objects to prevent use-after-free attacks.
OL08-00-010420V1R6OL 8 must implement non-executable data to protect its memory from unauthorized code execution.
OL09-00-002390V1R1OL 9 must clear SLUB/SLAB objects to prevent use-after-free attacks.
OL09-00-002422V1R1OL 9 must implement nonexecutable data to protect its memory from unauthorized code execution.
UBTU-24-700300V1R1Ubuntu 24.04 LTS must implement nonexecutable data to protect its memory from unauthorized code execution.
UBTU-22-213025V1R1Ubuntu 22.04 LTS must implement nonexecutable data to protect its memory from unauthorized code execution.
WN11-00-000150V1R6Structured Exception Handling Overwrite Protection (SEHOP) must be enabled.
WN11-CC-000215V1R6Explorer Data Execution Prevention must be enabled.
RHEL-09-212045V2R5RHEL 9 must clear memory when it is freed to prevent use-after-free attacks.
RHEL-09-213110V2R5RHEL 9 must implement nonexecutable data to protect its memory from unauthorized code execution.
WN10-00-000145V3R1Data Execution Prevention (DEP) must be configured to at least OptOut.
WN10-00-000150V3R1Structured Exception Handling Overwrite Protection (SEHOP) must be enabled.
WN10-CC-000215V3R1Explorer Data Execution Prevention must be enabled.
WN16-CC-000340V2R9Explorer Data Execution Prevention must be enabled.
WN22-CC-000310V2R5Windows Server 2022 Explorer Data Execution Prevention must be enabled.