GKE Linux Kernel Vulnerabilities:
When scanning Ubuntu 22.04 LTS, it shows a lot of high vulnerabilities.
Hi @mujahed,
Would you mind posting screenshots of one or two expanded results? That way I can see the fixed version and the version installed on your system.
Did you check to remove the vulnerable packages as well? These USN advisories are for 22.04-LTS and 20.04-LTS, so I guess you have a big installation issue.
Just patching leaves the vulnerable packages on the system or, even worse, if you don't reboot, keeps these vulnerable kernels running and active.
Hi Lukas,
When I scan with Greenbone Community Edition I get these vulnerabilities,
but when I scan with Qualys I cannot see these vulnerabilities.
Thanks for the screenshots! I was able to reproduce your issue and forwarded accordingly.
Note that the comparison logic is not within any VT / NASL script but within the notus-scanner component, so I adjusted the category accordingly.
I don't know how Qualys is handling that. Please inform us whether you still have the vulnerable software installed at the point of the Greenbone scan, i.e. that this is not a FP and is legit.
Hi @mujahed, we’ve just rolled out a fix for this issue.
Please update to feed version 202503270645 or higher and let me know whether it’s fixed now.
Hi @n-thumann,
I updated the feed version to 20250407T0647 but I still find some package issues.
Kindly find attached screenshots.
The scan result shows that you have linux-image-gke-5.15 version 5.15.0-1067.66 installed, but USN-7100-1 fixes a vulnerability in 5.15.0.1069.68. Therefore, you still have the vulnerable kernel package installed.
Like Lukas mentioned before, make sure you have actually removed the old / vulnerable kernel packages.
This is correct, because your installed version (5.15.0.1067.66) is affected by multiple Ubuntu Security advisories, e.g.
- To not be affected by USN-7179-3, remove versions lower than 5.15.0.1072.71
- To not be affected by USN-7387-1, remove versions lower than 5.15.0.1077.76
Please make sure you not only have the latest fixed kernel package installed, but also that you removed older, vulnerable packages (like 5.15.0.1067.66). You can check which packages you have installed using `dpkg -l 'linux-image-gke-5.15*'`.
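The check described in the reply above, as an added example that is not part of the original thread and is not Greenbone's or notus-scanner's own comparison code: it reads `dpkg -l` output and lists which of the advisories named in the thread still apply to each installed row. The function names and the sample `dpkg -l` rows are constructed for illustration, and the comparison assumes standard Debian version ordering.

```python
import re

# Fixed versions as quoted in the thread for linux-image-gke-5.15.
FIXED = {"USN-7100-1": "5.15.0.1069.68", "USN-7179-3": "5.15.0.1072.71",
         "USN-7387-1": "5.15.0.1077.76"}

# Constructed sample of `dpkg -l` output; the rows are illustrative, not from the thread.
SAMPLE = """\
||/ Name                  Version         Architecture Description
ii  linux-image-gke-5.15  5.15.0.1067.66  amd64        constructed row
"""

def _order(ch):
    # dpkg order: '~' before end-of-string (0), letters before other symbols
    return -1 if ch == "~" else ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_part(a, b):
    """Compare upstream or revision strings the way dpkg does."""
    while a or b:
        na, nb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(na):], b[len(nb):]
        ka = [_order(c) for c in na] + [0] * (len(nb) - len(na))
        kb = [_order(c) for c in nb] + [0] * (len(na) - len(nb))
        if ka != kb:
            return -1 if ka < kb else 1
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(da):], b[len(db):]
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
    return 0

def deb_cmp(v1, v2):
    """Return -1, 0 or 1 for Debian versions [epoch:]upstream[-revision]."""
    def split(v):
        epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
        return (int(epoch), *(rest.rsplit("-", 1) if "-" in rest else (rest, "")))
    (e1, u1, r1), (e2, u2, r2) = split(v1), split(v2)
    return (e1 > e2) - (e1 < e2) or _cmp_part(u1, u2) or _cmp_part(r1, r2)

def still_affected(dpkg_output, fixed=FIXED):
    """Map each installed package row to the advisories whose fix it predates."""
    hits = {}
    for line in dpkg_output.splitlines():
        cols = line.split()
        # Second status letter 'i' means installed; 'rc' rows are removed packages.
        if len(cols) >= 3 and len(cols[0]) == 2 and cols[0][1] == "i":
            hits[f"{cols[1]} {cols[2]}"] = sorted(
                usn for usn, fix in fixed.items() if deb_cmp(cols[2], fix) < 0)
    return hits
```

An empty list for a row means that version is at or above every fixed version listed; any row that still maps to an advisory is a package to remove, as the reply says.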
Hi @n-thumann,
It worked, thanks for your cooperation.