Fix false positive: ignore oval info when kernel major version is different #541
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kotakanbe
added a commit
that referenced
this pull request
Nov 15, 2017
* master: Fix yum changelog option (#543) Update README.md (#542) Fix false positive: ignore oval info when kernel major version is different. (#541) Fix: Misdetection of OvalMatch for CentOS and Scientific in oval/util.go (#536) Fix: "Reboot Required" detection process in scan/redhat.go (#534) Remove README.fr.md because unable to maintenance.. README Typo Update (#538) Insert `sudo` only at the beginning of command in deep scan #495 (#539) Fix config.toml validation (#537) Add pseudo server type for non-ssh scanning (only cpe scan) #512 (#531) README Update (#530) Update README send slack msg by api (#525) fix typo Privious -> Previous (#523) Fix package query fails on debian based container (#519) (#522) fix typo from "enviroment" to "environment" (#518) Fix typo in config/jsonloader.go (#517) Modified Spell Miss of "README.md". (#516) Fix .goreleaser.yml Fix a bug of making channels when fill oval information via HTTP (#514)
mai346
added a commit
to mai346/vuls
that referenced
this pull request
Dec 4, 2017
kotakanbe
pushed a commit
that referenced
this pull request
Dec 11, 2017
8 tasks
kotakanbe
added a commit
that referenced
this pull request
Jan 10, 2018
* master: Fixed panic occurred when blank line continued in changelog (#569) Fixed Typo (#574) fix typo(BackSpace) in README.ja.md (#576) Fix a bug of sending to closed socket while oval access via HTTP #578 (#579) fix typo in reports/s3.go (#573) LXC container support without LXD (#552) Support Amazon Linux2 (#562) Fix #548 and #557 - RHEL's Fast Scan no longer required internet connection and root privilege (#559) Change error handling of "Reboot Required" detection (#556) Fix some RPM related commands failed in the container (#554) travis: update go version (#555) Add more kernel related packages (Fix #541) (#551)
13 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What did you implement:
Dirty Cow was miss-detected on RedHat based linux because RedHat7's OVAL has below entry(DIRTY COW).
If the running kernel is 3 series, the version comparison would be wrong.
This CVE was also fixed in kernel 3 series.
https://access.redhat.com/errata/RHSA-2016:2098
So, if the major version of running kernel is different from oval's version, vuls ignore the oval entry.
How did you implement it:
see diff
How can we verify it:
Confirm that the DIRTY COW is not detected.
Todos:
You don't have to satisfy all of the following.
make fmtmake testIs this ready for review?: NO
Is it a breaking change?: NO