RHEL 9 must have the pcsc-lite package installed.

STIG ID: RHEL-09-611175  |  SRG: SRG-OS-000375-GPOS-00160 |  Severity: medium |  CCI: CCI-004046,CCI-001948 |  Vulnerability Id: V-258124

Vulnerability Discussion

The pcsc-lite package must be installed if it is to be available for multifactor authentication using smart cards.

Check

Verify that RHEL 9 has the pcsc-lite package installed with the following command:

$ sudo dnf list --installed pcsc-lite

Example output:

pcsc-lite.x86_64 1.9.4-1.el9

If the "pcsc-lite" package is not installed, this is a finding.

Note: If the system administrator (SA) demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.

Fix

The pcsc-lite package can be installed with the following command:

$ sudo dnf install pcsc-lite