RHEL kernels not reporting vulnerabilities #33990
Description
Fleet version:
Web browser and operating system:
💥 Actual behavior
Vulns that should show up for RHEL (CentOS and Fedora) OS' Linux kernels are not shown in Fleet.
🛠️ To fix
-
Update goval-dictionary to add arch support for RHEL (in progress)
-
Publish RHEL goval-dictionary sqlite to vulnerabilities repo (see amazon linux)
-
Update fleet to use sqlite for kernel scanning (not all package scanning to keep test scope lower)
-
@noahtalerman: Remove "coming soon" sentence from the vulnerability processing guide:
🧑💻 Steps to reproduce
- Enroll a RHEL (CentOS or Fedora) host in Fleet.
- Run vulns processing
- Note that the Linux kernel shows up as software for this host, but does not have any vulnerabilities.
🕯️ More info (optional)
N/A
Metadata
Metadata
Assignees
Labels
Security & Compliance product groupReady to write code. Scheduled in a release. See "Making changes" in handbook.Something isn't working as documentedBug has been open more than 90 daysThis issue can be QA'd by anyone outside the QA team when capacity allowsIssue regarding ingesting software inventory from a host into Fleet.