{"description": "To enable poisoning of free pages, add the argument <tt>page_poison=1</tt> to all\nBLS (Boot Loader Specification) entries ('options' line) for the Linux\noperating system in <tt>/boot/loader/entries/*.conf</tt>.", "rationale": "Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented.\nThis prevents many types of use-after-free vulnerabilities at little performance cost.\nIt also prevents leaks of data and enables detection of corrupted memory.", "severity": "medium", "references": {"nist": ["CM-6(a)"], "srg": ["SRG-APP-000243-CTR-000600"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "page allocator poisoning is not enabled", "ocil": "Inspect the form of all the BLS (Boot Loader Specification) entries\n('options' line) in <tt>/boot/loader/entries/*.conf</tt>. If they include\n<tt>page_poison=1</tt>, then page poisoning is enabled at boot time.\n<br /><br />\nTo ensure <tt>page_poison=1</tt> is configured on the installed kernel, add\nthe kernel argument via a <pre>MachineConfig</pre> object to the appropriate\npools.", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": ["system_with_kernel"], "cpe_platform_names": [], "inherited_cpe_platform_names": ["system_with_kernel"], "bash_conditional": null, "fixes": {}, "title": "Enable page allocator poisoning", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/restrictions/poisoning/coreos_page_poison_kernel_argument/rule.yml", "template": {"name": "coreos_kernel_option", "vars": {"arg_name": "page_poison", "arg_value": "1"}, "backends": {}}}