XD/NX (Execute Disable/No Execution) is not enabled
Description
XD/NX (Execute Disable/No Execution) marks the memory pages as executable and non-executable. Further, it detects the presence of executable data in non-executable memory page and terminates the execution of malicious code placed by an attacker. XD/NX is a highly effective security feature that must be enabled in your network computers. Fixing this misconfiguration will enable XD/NX service in your network endpoints.
Severity
important
Category
Linux - OS Security
Resolution
Follow the below steps to resolve the misconfiguration.
On 32 bit systems install a kernel with PAE support, no installation is required on 64 bit
systems:
If necessary configure your bootloader to load the new kernel and reboot the system.
You may need to enable NX or XD support in your bios.
Notes:
Ensure your system supports the XD or NX bit and has PAE support before implementing
this recommendation as this may prevent it from booting if these are not supported by
your hardware.
Potential issues that may arise after applying the resolution
Altering the existing security setting may create the following impact in your network operations.
Does remediation require reboot?
Yes
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.