AlmaLinux OS 9 must be configured to disable Bluetooth.

STIG ID: ALMA-09-029720  |  SRG: SRG-OS-000095-GPOS-00049 |  Severity: medium |  CCI: CCI-000381 |  Vulnerability Id: V-269342

Vulnerability Discussion

This requirement applies to wireless peripheral technologies (e.g., wireless mice, keyboards, displays, etc.) used with AlmaLinux OS 9 systems.

Wireless peripherals (e.g., Wi-Fi/Bluetooth/IR keyboards, mice and pointing devices, and near field communications [NFC]) present a unique challenge by creating an open, unsecured port on a computer. Wireless peripherals must meet DOD requirements for wireless data transmission and be approved for use by the authorizing official (AO). Even though some wireless peripherals, such as mice and pointing devices, do not ordinarily carry information that need to be protected, modification of communications with these wireless peripherals may be used to compromise the AlmaLinux OS 9 operating system.

Check

Verify that AlmaLinux OS 9 disables the ability to load the Bluetooth kernel module with the following command:

$ grep -r bluetooth /etc/modprobe.conf /etc/modprobe.d/*

/etc/modprobe.d/bluetooth.conf:install bluetooth /bin/false
/etc/modprobe.d/bluetooth.conf:blacklist bluetooth

If the command does not return any output, or the line is commented out, and use of Bluetooth is not documented with the information system security officer (ISSO) as an operational requirement, this is a finding.

Fix

To configure the system to prevent the Bluetooth kernel module from being loaded, run the following command:

$ cat << EOF | tee /etc/modprobe.d/bluetooth.conf
install bluetooth /bin/false
blacklist bluetooth
EOF
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.