Hi,
I've a Oracle Linux 7.9 machine with the latest patches (yum update) but our security scan solution sees a vulnerability in the kernel-uek: CVE-2022-2602
The kernel version is 5.4.17-2136.307.3.6.el7uek.x86_64 but the previous two kernel-uek are still on the system (yum installonly_limit=3)
I think the sec scan is looking at the old kernels-uek. How can I see which package did solve CVE-2022-2602?
I tried commands like yum list update --security|grep -i CVE-2022-260 but I don't see it.
regards,
Ivan
I've a Oracle Linux 7.9 machine with the latest patches (yum update) but our security scan solution sees a vulnerability in the kernel-uek: CVE-2022-2602
The kernel version is 5.4.17-2136.307.3.6.el7uek.x86_64 but the previous two kernel-uek are still on the system (yum installonly_limit=3)
I think the sec scan is looking at the old kernels-uek. How can I see which package did solve CVE-2022-2602?
I tried commands like yum list update --security|grep -i CVE-2022-260 but I don't see it.
regards,
Ivan