OpenSCAP reports show kernel vulnerabilities even when latest kernel is installed

Solution Unverified - Updated -


Even if a system has the latest Red Hat Enterprise Linux (RHEL) kernel installed and that kernel is running, OpenSCAP scans against Red Hat provided OVAL and XCCDF data can result in reported kernel related failures (I.E. showing that the system is considered non-compliant/vulnerable). Red Hat Security Advisories (RHSAs) related to those vulnerabilities are seen to be resolved via kernel versions that are earlier than or equal to the system's running kernel.


  • Red Hat Enterprise Linux 5.
  • Red Hat Enterprise Linux 6.
  • Red Hat Enterprise Linux 7.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content