Debian Stretch AMI on AWS Marketplace + Meltdown
Hi everyone,
I am trying to publish a new AMI at the AWS Marketplace [1]. My AMI is
based on the Debian Stretch ami-628ad918 [2], which includes kernel
updates for DSA 4078, addressing the Meltdown attack.
However, the AWS scan tool rejects the AMI due to the following issue:
(quote) "Vulnerabilities detected - The following vulnerabilities were
detected and must be addressed: CVE-2017-5754 [3]."
The AMI I submitted has all available Debian updates installed, and
reading the description of CVE-2017-5754, this is clearly the Meltdown
attack.
Have I missed anything? Why does the AWS scan tool stumble across this
vulnerability and what can I do to address this issue?
Thanks
Michael
[1] https://aws.amazon.com/marketplace/
[2] https://wiki.debian.org/Cloud/AmazonEC2Image/Stretch
[3] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754