Linux Coverage

Covering Linux related vulnerability data introduces additional challenges as there are many different distributions, packages, and maintainers. We use different approaches to assign such entries depending on the maintainer and/or affected component.

Linux Distributions

  • If a Linux vulnerability is generic and affects core components, then it is assigned to Linux Kernel as product.
  • If a Linux vulnerability affects a specific distribution only, we assign it to the distribution (and not to the generic Linux Kernel). For example Red Hat Enterprise Linux or Debian Linux entries.
  • If a Linux vulnerability affects specific architectures (e.g. x86, x64), the entry uses the field software_platform accordingly. VDB-150513 for example.

Linux Packages

  • If a package is affected in general, we assign it to the specific package. sudo for example.
  • If a package is maintained by a specific Linux distribution, we assign the distribution name to the field software_vendor and the affected package to the field software_name. VDB-109304 for example.
  • If a package on a certain distribution is affected but not maintained by the distribution itself, we assign it to the specific package but define the field software_platform accordingly (e.g. ISC BIND on Red Hat). VDB-100949 for example.
  • If a package affects multiple distributions but not all of them, we assign it to the specific package and add the affected distributions to the field software_affectedlist. VDB-67685 for example.
Details about the different data points and their meanings are documented in the Knowledge Base.

Might our Artificial Intelligence support you?

Check our Alexa App!