The only legitimate location for device files is the "/dev" directory located on the root partition. The only exception to this is chroot jails.
Check
Verify RHEL 10 is configured so that the "/boot" mount point has the "nodev" option with the following command:
$ mount | grep '\s/boot\s' /dev/sda1 on /boot type xfs (rw,nodev,nosuid,relatime,seclabel,attr2)
If the "/boot" file system does not have the "nodev" option set, this is a finding.
Fix
Configure RHEL 10 to mount "/boot" with the "nodev" option.
Modify "/etc/fstab" to use the "nodev" option on the "/boot" directory.
To reload all implicit mount units and update the dependency graph so that new options will apply correctly at next remount, run the following command:
$ sudo systemctl daemon-reload
Use the following command to apply the changes immediately without a reboot: