kmm1190
November 26, 2018, 10:10am
1
I am using greenbone security assistant in a docker container “https://github.com/mikesplain/openvas-docker ”
my problem is when i look through the vulerability reports there are a lot of them which relate to not running linux kernels. we run a lot of debian machines and have never cleaned up the old kernels (they are not running anyway).
Is there a possibility to exclude not running kernels ?
TIA
cfi
November 26, 2018, 4:31pm
2
Hi,
if you want to accept the risk of having vulnerable but not running kernel versions installed you can work with Overrides and False Positives .
Lukas
December 29, 2018, 4:38pm
3
In many cases a old Kernel can be loaded within a fail-over scenario or downgrade, you should remove the vulnerable kernel from the systems anyway.
2 Likes
cfi
May 3, 2019, 5:12pm
4
An alternative way to accept the risk of having vulnerable but not running kernel versions on the system is now available:
Scanning / scan configuration
Description Linuxoid systems may have installed several kernels of which of course only one is active. When doing an authenticated scan of such a system, we detect the kernels installed via the most common package managers like apt or RPM and if...
Reading time: 1 mins 🕑
Likes: 2 ❤