Cheat Sheets

Security - Execute Disable Support

Description

On Intel CPUs execute disable protection should be active

Tags

  • CCE-27001-4

Check Script: security-nx-enabled.sh

#!/bin/bash

if [[ $(dmesg | grep '[NX|DX]*protection: active') == "" ]]; then result_failed "Intel Execute Disable support not active!" fi