My OS is up to date, why I still get the CVE exposure report?

[GoliTech]

After updating my OS I run the script again and it shows me some CVEs. Does this mean my OS is still vulnerable?

[bcoles]

After updating my OS I run the script again and it shows me some CVEs. Does this mean my OS is still vulnerable?

Unlikely but impossible to say without seeing the output.

[GoliTech]

@bcoles

[GoliTech]

@bcoles I just scanned the official Ubuntu docker image

[bcoles]

The match for nft_object UAF (CVE-2022-2586) does not set a maximum kernel version. This is likely a false positive.

linux-exploit-suggester/linux-exploit-suggester.sh

Line 947 in 8867882

Reqs: pkg=linux-kernel,ver>=3.16,CONFIG_USER_NS=y,sysctl:kernel.unprivileged_userns_clone==1

sudo Baron Samedit and sudo Baron Samedit 2 (CVE-2021-3156) exploit a vulnerability in sudo which was patched in 2021.

The match for both of these is a simple check for the sudo package version below 1.9.5p2. This is likely a false positive; however, you should check your version of sudo (apt version sudo / sudo --version).

linux-exploit-suggester/linux-exploit-suggester.sh

Line 1501 in 8867882

Reqs: pkg=sudo,ver<1.9.5p2

linux-exploit-suggester/linux-exploit-suggester.sh

Line 1512 in 8867882

Reqs: pkg=sudo,ver<1.9.5p2