iancampbell
commented
2 years ago The -k option allows for the specification of an external or not standard location of the kernel config. Uploading a kernel config allows Vigiles to filter out CVEs that are not applicable to your configuration as some CVEs may only affect modules that are not enabled in your configuration.
There is currently no way to manually specify the directory to look for specific packages, including the kernel.
To help us reproduce and fix this issue please provide us with the following information if you are able to:
- OpenWrt version
- Kernel version
- .config file
- Is this an external kernel?
If you are unable to publicly share this information an issue can also be created through our support portal.
valdumped
Hello, I have tried to run a scan on an openwrt generic x86 build. The scan runs fine and find userspace vulnerabilities until the kernel config is retrieved and I get the Warning message : "Vigiles WARNING: Kernel Config: Kernel Build directory not found."
Using the -k option with specific path to the kernel configuration in the debug messages i can see that the kernel configuration is taken into account, but if I read the documentation correctly, this option only allows you to filter the CVEs ?
How can I get Vigiles to find my Kernel build directory? Or what is the default path to use in order to retrieve this configuration?
Thank you for your answer