AlmaLinux OS 9 must disable mounting of cramfs.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-269344 | ALMA-09-029940 | SV-269344r1050226_rule | CCI-000381 | medium |
| Description | ||||
| Removing support for unneeded filesystem types reduces the local attack surface of the server. Compressed ROM/RAM file system (or cramfs) is a read-only file system designed for simplicity and space-efficiency. It is mainly used in embedded and small-footprint systems. | ||||
| STIG | Date | |||
| Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide | 2026-02-27 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-7
1.00
- DISA · V1R6 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.4.6
1.00
- DISA · V1R6 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000381
1.00
- DISA · V1R6 · disa_xccdf · related
Details
Check Text (C-269344r1050226_chk)
Verify that AlmaLinux OS 9 disables the ability to load the cramfs kernel module with the following command:
$ grep cramfs /etc/modprobe.conf /etc/modprobe.d/*
blacklist cramfs
If the command does not return any output, or the line is commented out, and use of cramfs is not documented with the information system security officer (ISSO) as an operational requirement, this is a finding.
Fix Text (F-73276r1048409_fix)
To configure the system to prevent the cramfs kernel module from being loaded, create a *.conf file in /etc/modprobe.d/ with the following content:
install cramfs /bin/false
blacklist cramfs