Sysfs file missing
A recent Greenbone Vulnerability Scanner has detected the following (details at bottom) on a Linux VM (Hyper-V).
The Linux instance is as follows
Distributor ID: Ubuntu
Description: Ubuntu 20.04.5 LTS
Release: 20.04
Codename: focal
Kernel version: 5.4.0-126-generic
Is far as I can tell, this vulnerability has been patched. All updates have been applied to this instance.
This instance has hardly been adjusted from the original iso that I deployed so I'm unsure why this detection is showing up.
Thanks
-----
The Linux Kernel on the remote host is missing the mitigation for the "spec_store_bypass" hardware vulnerabilities as reported by the sysfs interface:
sysfs file checked | Kernel status (SSH response)
-------
/sys/devices/
Notes on the "Kernel status / SSH response" column:
- sysfs file missing: The sysfs interface is available but the sysfs file for this specific vulnerability is missing. This means the kernel doesn't know this vulnerability yet and is not providing any mitigation which means the target system is vulnerable.
- Strings including "Mitigation:", "Not affected" or "Vulnerable" are reported directly by the Linux Kernel.
- All other strings are responses to various SSH commands.
Question information
- Language:
- English Edit question
- Status:
- Expired
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply: