ASLR checks in versions of RHEL CIS are giving False positives

1 votes

Hi,
I have looked into the profiles of CIS for Red Hat Enterprise, and found the checks for ASLR are implemented differently.

(FP = False Positive)
CIS Red Hat Enterprise Linux 7 Benchmark v4.0.0 §1.4.1 FP
CIS Red Hat Enterprise Linux 8 Benchmark v4.0.0 §1.5.8 TP
CIS Red Hat Enterprise Linux 9 Benchmark v2.0.0 §1.5.1 FP
CIS Red Hat Enterprise Linux 10 Benchmark v1.0.1 §1.5.8 TP

Only RHEL 8 and RHEL 10 has working versions. Can you fix the RHEL 7 and RHEL 9 scripts?

Done Benchmark Community Suggestion Suggested by: Mattias Lindström (11 Nov, '25) • Upvoted: 11 Nov, '25 • Comments: 1

Comments: 1
Oldest • Newest • Most likes • Fewest likes

17 Nov, '25
Chris Boldiston Admin
Hi Mattias

Thanks for the information however, can I ask you to log that information for the Red Hat Linux Community https://workbench.cisecurity.org/communities/14

That is where the community provides input for specific Benchmark recommendations and your suggested changes will be considered.

Thanks

Chris

ASLR checks in versions of RHEL CIS are giving False positives

Comments: 1 Oldest • Newest • Most likes • Fewest likes

Comments: 1
Oldest • Newest • Most likes • Fewest likes