diff --git a/components/nfs-common.yml b/components/nfs-common.yml
new file mode 100644
index 000000000000..31b0f2666976
--- /dev/null
+++ b/components/nfs-common.yml
@@ -0,0 +1,5 @@
+name: nfs-common
+packages:
+- nfs-common
+rules:
+- package_nfs-common_removed
diff --git a/controls/stig_ubuntu2204.yml b/controls/stig_ubuntu2204.yml
index db8a53a9bcca..6e8941ef5af3 100644
--- a/controls/stig_ubuntu2204.yml
+++ b/controls/stig_ubuntu2204.yml
@@ -143,6 +143,15 @@ controls:
 - package_telnetd_removed
 status: automated
 
+ - id: UBTU-22-215040
+ title: Ubuntu 22.04 LTS must not have the "nfs-kernel-server" package installed.
+ levels:
+ - medium
+ rules:
+ - package_nfs-common_removed
+ - package_nfs-kernel-server_removed
+ status: automated
+
 - id: UBTU-22-231010
 title: Ubuntu 22.04 LTS must implement cryptographic mechanisms to prevent unauthorized disclosure and modification of all information that requires protection at rest.
diff --git a/linux_os/guide/services/nfs_and_rpc/package_nfs-common_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/package_nfs-common_removed/rule.yml
new file mode 100644
index 000000000000..fd114321b115
--- /dev/null
+++ b/linux_os/guide/services/nfs_and_rpc/package_nfs-common_removed/rule.yml
@@ -0,0 +1,22 @@
+documentation_complete: true
+
+title: 'Uninstall nfs-common Package'
+
+description: |-
+ {{{ describe_package_remove(package="nfs-common") }}}
+
+rationale: |-
+ If the system does not export NFS shares or act as an NFS client, it is
+ recommended that these services be removed to reduce the remote attack
+ surface.
+
+severity: low
+
+{{{ complete_ocil_entry_package(package="nfs-common") }}}
+
+fixtext: '{{{ fixtext_package_removed("nfs-common") }}}'
+
+template:
+ name: package_removed
+ vars:
+ pkgname: nfs-common
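Review bot: In the controls/stig_ubuntu2204.yml hunk, the new control UBTU-22-215040 is titled for "nfs-kernel-server" only, yet its `rules:` list also maps `package_nfs-common_removed`, which widens the control beyond what its title states. A profile built from this control would then presumably select the client-package removal too, so a host that mounts NFS shares could lose that package on remediation. The rule's own rationale, added in this commit, limits removal to systems that do not act as an NFS client. If the STIG check text does cover nfs-common, record that in a `notes:` entry on the control; otherwise keep only `- package_nfs-kernel-server_removed` here. The rule `package_nfs-kernel-server_removed` is not added by this diff, so it presumably already exists in the tree.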
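Review bot: The new rule.yml for package_nfs-common_removed carries no warning that removing nfs-common takes away NFS client functionality, although its rationale says the rule only fits systems that do not "act as an NFS client". A `warnings:` entry of kind `functionality`, stating that hosts which mount NFS shares will no longer be able to do so after remediation, would let operators tailor the rule out deliberately. The rationale also says "these services" where the rule removes a single package; `recommended that this package be removed` would be more precise. Separately, `severity: low` here sits under a control declared with level `medium` in stig_ubuntu2204.yml, so confirm which of the two is intended.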