Title

RHEL 9 must not have the nfs-utils package installed. (Cat II impact)

Discussion

"nfs-utils" provides a daemon for the kernel NFS server and related tools. This package also contains the "showmount" program. "showmount" queries the mount daemon on a remote host for information about the Network File System (NFS) server on the remote host. For example, "showmount" can display the clients that are mounted on that host.

Check Content

Verify that the nfs-utils package is not installed with the following command: $ dnf list --installed nfs-utils Error: No matching Packages to list If the "nfs-utils" package is installed, this is a finding.

Fix Text

Remove the nfs-utils package with the following command: $ sudo dnf remove nfs-utils

Additional Identifiers

Rule ID: SV-257828r1044894_rule

Vulnerability ID: V-257828

Group Title: SRG-OS-000095-GPOS-00049

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.