-
Story
-
Resolution: Won't Do
-
Undefined
-
None
-
None
-
None
-
False
-
False
-
In the `rhel-7-including-unpatched` file under `oval:com.redhat.rhsa:def:20170372` there are kernel vulnerabilities that we have a couple of questions on:
- The package `kernel` is marked as fixed in `0:4.5.0-15.2.1.el7` in this OVAL file, but here it is marked as fixed in the 3.10 kernel. Could please explain this difference of versions so that we know if and when we should raise this vulnerability?
- Also this link - https://access.redhat.com/errata/RHSA-2017:0372, does not work I think? It's the RHSA associated with the definition ID in the OVAL.
- In general, could you explain or send us where we can find information on the meaning of these `kernel` packages? Are they user-mode packages that it makes sense to install within a container (we do see that is is possible to install them using a regular package manager), or are they Kernel related?
Thank you!
Hadas from Snyk