Title

The Red Hat Enterprise Linux operating system must be a vendor supported release. (Cat I impact)

Discussion

An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software. Red Hat offers the Extended Update Support (EUS) Add-On to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period. RHEL 7.7 marks the final minor release that EUS will be available, while 7.9 is the final minor release overall.

Check Content

Verify the version of the operating system is vendor supported. Check the version of the operating system with the following command: # cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.9 (Maipo) Current End of Extended Update Support for RHEL 7.6 is 31 May 2021. Current End of Extended Update Support for RHEL 7.7 is 30 August 2021. Current End of Maintenance Support for RHEL 7.9 is 30 June 2024. If the release is not supported by the vendor, this is a finding.

Fix Text

Upgrade to a supported version of the operating system.

Additional Identifiers

Rule ID: SV-204458r744100_rule

Vulnerability ID: V-204458

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.