AnsweredAssumed Answered

Kernel-alt false positive vulnerabilites

Question asked by yonatan amitay on Jan 26, 2020

Hi everyone,

I have an asset (RHEL 7.6) that has the latest kernel version available, after scanning I've got new vulnerabilities related to 'Kernel-alt' package. The asset doesn't have kernel-alt installed and even not recognized it on the repo. It seems like this package only related to ARM processors which my machine doesn't have.

Example vulnerability: QID-237631

Any idea why I got this false positive? how can I filter-out these vulnerabilities on scanning results (not reporting)?

 

Thank you,

Yonatan

Outcomes