{"description": "Disabling this option eliminates support for BUG and WARN, reducing the size of your kernel\nimage and potentially quietly ignoring numerous fatal conditions. You should only consider\ndisabling this option for embedded systems with no facilities for reporting errors.\n\nThe configuration that was used to build kernel is available at <tt>/boot/config-*</tt>.\n    To check the configuration value for <tt>CONFIG_BUG</tt>, run the following command:\n    <tt>grep CONFIG_BUG /boot/config-*</tt>\n    \n    For each kernel installed, a line with value \"y\" should be returned.\n    ", "rationale": "Not setting this variable may hide a number of critical errors.", "severity": "medium", "references": {"anssi": ["R19"]}, "control_references": {"anssi": ["R19"]}, "components": [], "identifiers": {}, "ocil_clause": "the kernel was not built with the required value", "ocil": "To determine the config value the kernel was built with, run the following command:\n    <pre>$ grep CONFIG_BUG /boot/config.*</pre>\n    \n    For each kernel installed, a line with value \"y\" should be returned.\n    ", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [{"general": "There is no remediation for this besides re-compiling the kernel with the appropriate value for the config."}], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Enable support for BUG()", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/kernel_build_config/kernel_config_bug/rule.yml", "template": {"name": "kernel_build_config", "vars": {"config": "CONFIG_BUG", "value": "y"}, "backends": {}}}