Title

The Red Hat Enterprise Linux operating system must be a vendor-supported release. (Cat I impact)

Discussion

An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software. The Red Hat Enterprise Linux (RHEL) Extended Life Cycle Support Add-On (ELS) is an offering, for a fee, that provides extended support once a product is retired and has entered the Extended Life Phase. ELS allows customers to continue to receive critical impact security fixes and selected urgent priority bug fixes on a specific major version of RHEL from the end of its regular life cycle for an extended and defined period. ELS is only applicable to the last minor release of the given major release.

Check Content

Verify the version of the operating system is vendor supported. Check the version of the operating system with the following command: # cat /etc/redhat-release Red Hat Enterprise Linux Server release 6.10 (Santiago) Current end of maintenance support for RHEL 6.10 is 30 November 2020. If the release is not supported by the vendor, this is a finding. Note: RHEL ELS is available for RHEL 6.10 with a proposed end of support 30 June 2024.

Fix Text

Upgrade to a supported version of the operating system.

Additional Identifiers

Rule ID: SV-224669r603264_rule

Vulnerability ID: V-224669

Group Title: SRG-OS-000480

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.