RHEL 9 must be configured to disable the FireWire kernel module.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-257806 | RHEL-09-213055 | SV-257806r1044859_rule | CCI-000381 | medium |
| Description | ||||
| Disabling firewire protects the system against exploitation of any flaws in its implementation. | ||||
| STIG | Date | |||
| Red Hat Enterprise Linux 9 Security Technical Implementation Guide | 2025-05-14 | |||
Details
Check Text (C-257806r1044859_chk)
Verify that RHEL 9 disables the ability to load the firewire-core kernel module with the following command:
$ grep -r firewire-core /etc/modprobe.conf /etc/modprobe.d/*
install firewire-core /bin/false
blacklist firewire-core
If the command does not return any output, or the lines are commented out, and use of firewire-core is not documented with the information system security officer (ISSO) as an operational requirement, this is a finding.
Fix Text (F-61471r1044858_fix)
To configure the system to prevent the firewire-core kernel module from being loaded, add the following lines to the file /etc/modprobe.d/firewire-core.conf (or create firewire-core.conf if it does not exist):
install firewire-core /bin/false
blacklist firewire-core