OL 8 must be configured to disable the ability to use USB mass storage devices.

STIG ID: OL08-00-040080  |  SRG: SRG-OS-000114-GPOS-00059 |  Severity: medium |  CCI: CCI-000778 |  Vulnerability Id: V-248837 | 

Vulnerability Discussion

USB mass storage permits easy introduction of unknown devices, thereby facilitating malicious activity.

Check

Determine if USB mass storage is disabled with the following command:

$ sudo grep usb-storage /etc/modprobe.d/* | grep -i "blacklist" | grep -v "^#"

/etc/modprobe.d/blacklist.conf:blacklist usb-storage

If the command does not return any output or the output is not "blacklist usb-storage", and use of USB storage devices is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.

Fix

Configure OL 8 to disable the ability to use USB mass storage devices.

$ sudo vi /etc/modprobe.d/blacklist.conf

Add or update the line:

blacklist usb-storage