Hi BigFix Masters,
Recently i faced a situation related to RHEL patching which was lil bit tricky and have confused me:
We have a VA scanning team where they scanned a RHEL 8 server, in the scan report we were able to see that there were some vulnerabilities which were opened for Container but in that RHEL server no container was installed nor enabled. When we were checking the patch related to the shared CVE we were able to see that the patch is greyed out and not applicable on any of the servers.
Name of the patch and CVE: CVE-2020-10749
(RHSA-2020:4694 - Container-Tools:rhel8 Security, Bug Fix, And Enhancement Update - Red Hat Enterprise Linux 8 (x86_64))
We opened a support ticket for the same where the HCL support engineer said the same thing that you will have to enable or install container to install the patch. As the team did not wanted to install the container on the production server they took the exception and moved ahead.
But few days back the team got a chance to take the full access of internet and they did a yum update on that system and the even the container vulnerability was fixed.
So i have a query if the container was snot installed or enabled how did the container CVE got fixed is there something which i am missing.
Any info related to this will be helpful.
Note - We use plugin method for patch deployment.
Thanks in advance,
Regards,
KK