Mirrors/linux-baseline
2
0
Fork 0
mirror of https://github.com/dev-sec/linux-baseline synced 2025-02-16 17:58:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

only check cpu vulnerabilities if not in container

Browse source 
Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
This commit is contained in:
Martin Schurz 2020-12-16 21:22:48 +01:00
parent 6468210bf7
commit beb89ca8f1
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
controls/os_spec.rb
View file

@ -243,6 +243,7 @@ control 'os-12' do
impact 1.0
title 'Detect vulnerabilities in the cpu-vulnerability-directory'
desc 'Check for known cpu vulnerabilities described here: https://www.kernel.org/doc/html/v5.6/admin-guide/hw-vuln/index.html'
only_if { !container_execution }
if file(cpuvulndir).exist?
describe file(cpuvulndir) do