check_sys/vulnerabilities/sysctl.py

#!/usr/bin/env python3

# Define the entry

def sysctl() -> list:
    sysctl = list()

    # https://access.redhat.com/security/sysctl/sysctl-2023-0179
    sysctl.append({
        "from": "cve",
        "id": "cve-2023-0179",
        "description": "",
        "flag": "kernel.unprivileged_userns_clone",
        "value": 0,
        "level": "medium",
        "recommendation": "You should disable this flag for resolving the issue",
        "affectedSystem": ({
            'linux': "Debian",
            'release': 'buster',
            'kernel': '4.19.249-2'
        })
    })

    # Best practice from CIS
    sysctl.append({
        "from": "cis",
        "id": "",
        "description": "Disable IPv4 forwarding",
        "flag": "net.ipv4.conf.all.forwarding",
        "recommendation": "You should disable this flag for resolving the issue",
        "value": 0,
        "level": "medium"
    })

    return sysctl