Amazon Linux 2023 must have the chrony package installed.

STIG ID: AZLX-23-001050  |  SRG: SRG-OS-000355-GPOS-00143 |  Severity: medium (CAT II)  |  CCI: CCI-004923 |  Vulnerability Id: V-274022

Vulnerability Discussion

Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.

Check

Verify Amazon Linux 2023 has the chrony package installed with the following command:

$ sudo dnf list --installed chrony
Installed Packages
chrony.x86_64 4.3-1.amzn2023.0.5 @System

If the "chrony" package is not installed, this is a finding.

Fix

Configure Amazon Linux 2023 to have the chrony package installed.

The chrony package can be installed with the following command:

$ sudo dnf install -y chrony
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.