Machine Using KPatch-Patch Still Showing As Vulnerable In Red Hat Insights

Solution In Progress - Updated -

Issue

  • A server registered to Red Hat Insights is shown to be vulnerable to a Common Vulnerabilities and Exposures (CVE), despite having and using a kpatch-patch to address the vulnerability.
  • Example:
    A stock RHEL 7.9 server registered to Red Hat Insights is shown to be vulnerable to CVE-2022-32250.  That CVE is addressed by either a kernel update or a kpatch-patch.
    The day after applying the kpatch-patch, Red Hat Insights Inventory still shows the machine (under its Vulnerability tab) vulnerable to that CVE, despite also showing the kpatch-patch RPM installed (under its General Information tab's Installed Packages list).

Environment

  • Red Hat Enterprise Linux 7 (RHEL 7)
  • Red Hat Enterprise Linux 8 (RHEL 8)
  • Red Hat Enterprise Linux 9 (RHEL 9)
  • Red Hat Insights

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content