Skip to content

RHEL kernels not reporting vulnerabilities #33990

Closed
Closed
RHEL kernels not reporting vulnerabilities#33990
#39749 (+2)
Assignees
mostlikelee
Labels
#g-security-complianceSecurity & Compliance product group:releaseReady to write code. Scheduled in a release. See "Making changes" in handbook.bugSomething isn't working as documentedcustomer-rialto~aging bugBug has been open more than 90 days~assisting qaThis issue can be QA'd by anyone outside the QA team when capacity allows~software-ingestionIssue regarding ingesting software inventory from a host into Fleet.
Milestone
4.82.0
@mostlikelee

Description

@mostlikelee
mostlikelee
opened on Oct 8, 2025

Fleet version:

Web browser and operating system:

💥  Actual behavior

Vulns that should show up for RHEL (CentOS and Fedora) OS' Linux kernels are not shown in Fleet.

🛠️ To fix

  • Update goval-dictionary to add arch support for RHEL (in progress)

  • Publish RHEL goval-dictionary sqlite to vulnerabilities repo (see amazon linux)

  • Update fleet to use sqlite for kernel scanning (not all package scanning to keep test scope lower)

  • @noahtalerman: Remove "coming soon" sentence from the vulnerability processing guide:

Image

🧑‍💻  Steps to reproduce

  1. Enroll a RHEL (CentOS or Fedora) host in Fleet.
  2. Run vulns processing
  3. Note that the Linux kernel shows up as software for this host, but does not have any vulnerabilities.

🕯️ More info (optional)

N/A

Metadata

Metadata

Assignees

Labels

#g-security-complianceSecurity & Compliance product group:releaseReady to write code. Scheduled in a release. See "Making changes" in handbook.bugSomething isn't working as documentedcustomer-rialto~aging bugBug has been open more than 90 days~assisting qaThis issue can be QA'd by anyone outside the QA team when capacity allows~software-ingestionIssue regarding ingesting software inventory from a host into Fleet.

Type

No type

Projects

🛡️ #g-security-compliance

Status

Done

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions