⭐️ use running kernel version for vuln analysis (#1193)

mondoohq · Mar 21, 2024 · 3eadd25 · 3eadd25
1 parent c7b1852
commit 3eadd25
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/apps/cnspec/cmd/vuln.go b/apps/cnspec/cmd/vuln.go
@@ -97,6 +97,11 @@ var vulnCmdRun = func(cmd *cobra.Command, runtime *providers.Runtime, cliRes *pl
 		log.Fatal().Err(err).Msg("failed to initialize advisory scanner client")
 	}
 
+	var runningKernel string
+	if bom.Asset.Labels != nil {
+		runningKernel = bom.Asset.Labels[sbom.LABEL_KERNEL_RUNNING]
+	}
+
 	req := &mvd.AnalyseAssetRequest{
 		Platform: &mvd.Platform{
 			Name:    bom.Asset.Platform.Name,
@@ -106,7 +111,8 @@ var vulnCmdRun = func(cmd *cobra.Command, runtime *providers.Runtime, cliRes *pl
 			Labels:  bom.Asset.Platform.Labels,
 			Title:   bom.Asset.Platform.Title,
 		},
-		Packages: make([]*mvd.Package, 0),
+		Packages:      make([]*mvd.Package, 0),
+		KernelVersion: runningKernel,
 	}
 
 	for i := range bom.Packages {