OpenSCAP reports show kernel vulnerabilities even when latest kernel is installed

Solution Unverified - Updated -

Issue

Even if a system has the latest Red Hat Enterprise Linux (RHEL) kernel installed and that kernel is running, OpenSCAP scans against Red Hat provided OVAL and XCCDF data can result in reported kernel related failures (I.E. showing that the system is considered non-compliant/vulnerable). Red Hat Security Advisories (RHSAs) related to those vulnerabilities are seen to be resolved via kernel versions that are earlier than or equal to the system's running kernel.

Environment

  • Red Hat Enterprise Linux 5.
  • Red Hat Enterprise Linux 6.
  • Red Hat Enterprise Linux 7.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.