diff --git a/components/kernel.yml b/components/kernel.yml
index 3303bb76716..454cdf09dff 100644
--- a/components/kernel.yml
+++ b/components/kernel.yml
@@ -61,6 +61,7 @@ rules:
 - kernel_config_module_sig_hash
 - kernel_config_module_sig_key
 - kernel_config_module_sig_sha512
+- kernel_config_modules
 - kernel_config_page_poisoning
 - kernel_config_page_poisoning_no_sanity
 - kernel_config_page_poisoning_zero
diff --git a/controls/anssi.yml b/controls/anssi.yml
index 665fd4073ca..87032307f51 100644
--- a/controls/anssi.yml
+++ b/controls/anssi.yml
@@ -579,6 +579,9 @@ controls:
 - kernel_config_hibernation
 - kernel_config_binfmt_misc
 - kernel_config_legacy_ptys
+ related_rules:
+ # This rule isn't included in any profile therefore it won't appear in the built data stream.
+ - kernel_config_modules
 - id: R24
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_modules/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_modules/rule.yml
new file mode 100644
index 00000000000..adce0d66af6
--- /dev/null
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_modules/rule.yml
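Review bot: The comment added under `related_rules:` in controls/anssi.yml states a consequence (the rule is absent from the built data stream) but not the reason the rule is kept as related rather than selected, so a reader of the control cannot tell whether leaving CONFIG_MODULES alone is a deliberate choice or an oversight. Rewording it to carry the reason would make that explicit, e.g. `# Related only, not selected (<reason goes here>): the rule is not in any profile, so it does not appear in the built data stream.` — the reason itself is not visible in this diff and has to come from the author. The enclosing control entry begins before the hunk and its id is not visible here; the hunk's trailing context also seems to have lost a blank line in this rendering. The components/kernel.yml hunk earlier on this line only registers the new rule id and needs no change.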
@@ -0,0 +1,34 @@
+documentation_complete: true
+
+title: Disable Support for Kernel Modules
+
+description: |-
+ Kernel modules are small pieces of compiled code which can be inserted in the running kernel, rather than being permanently built into the kernel.
+ If module support isn't neccessary, it must be disabled.
+
+ {{{ describe_kernel_build_config("CONFIG_MODULES", "n") | indent(4) }}}
+
+rationale: |-
+ Disabling support for kernel modules will prevent loading unwanted modules.
+
+warnings:
+ {{{ warning_kernel_build_config() | indent(4) }}}
+
+severity: low
+
+identifiers:
+ cce@rhel7: CCE-86302-7
+ cce@rhel8: CCE-86303-5
+ cce@rhel9: CCE-86304-3
+
+ocil_clause: 'the kernel was not built with the required value'
+
+ocil: |-
+ {{{ ocil_kernel_build_config("CONFIG_MODULES", "n") | indent(4) }}}
+
+template:
+ name: kernel_build_config
+ vars:
+ config: CONFIG_MODULES
+ value: 'n'
+
diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
index 80c5472525f..49cdd08b3d1 100644
--- a/shared/references/cce-redhat-avail.txt
+++ b/shared/references/cce-redhat-avail.txt
@@ -88,9 +88,6 @@ CCE-86290-4
 CCE-86291-2
 CCE-86293-8
 CCE-86294-6
-CCE-86302-7
-CCE-86303-5
-CCE-86304-3
 CCE-86305-0
 CCE-86306-8
 CCE-86307-6
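Review bot: The new rule.yml carries a typo in user-facing text: the second description line should read `If module support isn't necessary, it must be disabled.` (not "neccessary"), and the same block would read better as one idea per line since it is rendered into the guide. A second point for profile authors: components/kernel.yml now lists this rule next to the kernel_config_module_sig_* rules, and a kernel built with CONFIG_MODULES=n has no module loader for the signing options to apply to, so a profile that selects both would be checking a setting that cannot take effect; a sentence in the description or warnings saying that this rule supersedes the module-signing rules would help, unless the kernel_build_config template or warning macro already covers it, which is not visible here. Quoting `value: 'n'` is correct and should stay quoted, since a bare n is read as a boolean by YAML 1.1 loaders. The cce-redhat-avail.txt hunk that follows only reserves the three identifiers used above and needs no change.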