False positives from C-0086

[craigbox]

Linux Kernel vulnerability CVE-2022-0492 may allow malicious code running inside container to escape container isolation and gain root privileges on the entire node. When fixed Kernel version numbers will become available, this control will be modified to verify them and avoid false positive detections. This control identifies all the resources that don't deploy neither AppArmor nor SELinux, run as root or allow privileged escalation or have corresponding dangerous capabilities.

Have fixed kernel version numbers become available?

[dwertent]

@slashben What do you think about this issue?

[slashben]

@slashben What do you think about this issue?

I have checked the affected versions table at NVD. Seems like a very complex thing to manage from rego.

Maybe we should remove this control while we decided how to handle this properly.

[Oshratn]

Decision:
Will be removed from the control list (and documentation) to be raplaced in the future with: host vulnerbality scanning.