=== brassado is now known as sam_sepi0l
[14:52] I found another CVE OVAL false positive: CVE-2022-30594 was marked as fixed for the linux source package in Focal on May 24 (UTC) in the Ubuntu CVE Tracker, but my Ubuntu system (that only has that kernel) is marked as vulnerable.
[14:52] The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
[14:53] s/my Ubuntu system/one of my Ubuntu systems/
[14:56] Same for CVE-2022-29968, that was marked as not vulnerable
[14:56] An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.
[14:57] Marked on May 6 (UTC), and my analysis was on July 19 (UTC).
[14:58] s/analysis/scan/
[18:33] More false positives with the same kernel on the same Ubuntu release: CVE-2022-29582 (not vulnerable), CVE-2022-29581 (released)
[18:33] In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently.
[18:34] Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
[18:35] Marked on May 4 and May 24, respectively
[18:49] luis220413: I don't know how you scan for vulnerabilities, but some vulnerability scanning software only looks at version numbers, and not at patches... :-/
[18:50] JanC: I am using OpenSCAP with Canonical's CVE OVAL.