Vulnerability Discussion

It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.

Failing to disconnect from collaborative computing devices (i.e., cameras) can result in subsequent compromises of organizational information.

Providing easy methods to physically disconnect from such devices after a collaborative computing session helps to ensure participants actually carry out the disconnect activity without having to go through complex and tedious procedures; it also ensures that microphones built into the cameras are also disabled.

Check

Verify the operating system disables the ability to load the uvcvideo kernel module:

$ grep -r uvcvideo /etc/modprobe.conf /etc/modprobe.d/*

/etc/modprobe.d/uvcvideo.conf:install uvcvideo /bin/false
/etc/modprobe.d/uvcvideo.conf:blacklist uvcvideo

If the command does not return any output, or either line is commented out, and the collaborative computing device has not been authorized for use, this is a finding.

If a built-in camera is not protected with a cover or is not physically disabled, this is a finding.

For an external camera, if there is not a method for the operator to manually disconnect the camera (e.g., unplug, power off) at the end of collaborative computing sessions, this is a finding.

If the device or operating system does not have a camera installed, this requirement is not applicable.

Fix

To configure the system to prevent the uvcvideo kernel module from being loaded, run the following command:

$ cat << EOF | tee /etc/modprobe.d/uvcvideo.conf
install uvcvideo /bin/false
blacklist uvcvideo
EOF