{"description": "The installed operating system must be maintained by a vendor.\n\nRed Hat Enterprise Linux is supported by Red Hat, Inc. As the Red Hat Enterprise\nLinux vendor, Red Hat, Inc. is responsible for providing security patches.", "rationale": "An operating system is considered \"supported\" if the vendor continues to\nprovide security patches for the product.  With an unsupported release, it\nwill not be possible to resolve any security issue discovered in the system\nsoftware.", "severity": "high", "references": {"cis-csc": ["18", "20", "4"], "cobit5": ["APO12.01", "APO12.02", "APO12.03", "APO12.04", "BAI03.10", "DSS05.01", "DSS05.02"], "isa-62443-2009": ["4.2.3", "4.2.3.12", "4.2.3.7", "4.2.3.9"], "iso27001-2013": ["A.12.6.1", "A.14.2.3", "A.16.1.3", "A.18.2.2", "A.18.2.3"], "nist": ["CM-6(a)", "MA-6", "SA-13(a)"], "nist-csf": ["ID.RA-1", "PR.IP-12"], "srg": ["SRG-OS-000480-GPOS-00227"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "the installed operating system is not supported", "ocil": "To verify that the installed operating system is supported, run\nthe following command:\n\n<pre>$ grep DISTRIB_DESCRIPTION /etc/lsb-release</pre>\n\n<pre>Ubuntu 22.04</pre>", "oval_external_content": null, "fixtext": "Upgrade to a supported version of Ubuntu 22.04.", "checktext": "", "vuldiscussion": "", "srg_requirement": "Ubuntu 22.04 must be a vendor-supported release.", "warnings": [{"general": "There is no remediation besides switching to a different operating system."}], "conflicts": [], "requires": [], "policy_specific_content": {"stig": {"srg_requirement": "Ubuntu 22.04 must be a vendor-supported release.", "vuldiscussion": "An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\nRed Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period.", "checktext": "Verify that the version or Ubuntu 22.04 is vendor supported with the following command:\n\n$ cat /etc/redhat-release\n\nRed Hat Enterprise Linux release 9.2 (Plow)\n\nIf the installed version of Ubuntu 22.04 is not supported, this is a finding.", "fixtext": "Upgrade to a supported version of Ubuntu 22.04."}}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "The Installed Operating System Is Vendor Supported", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml", "template": null}