Greenbone’s OPENVAS SCAN Now Covers Red Hat 10 and Rocky Linux 10 Security Advisories!

Operating system (OS) security updates are critical for maintaining a strong enterprise security posture. OS vulnerabilities in on-prem and cloud assets, fleets of staff workstations, development environments, container hosts, virtualization platforms, and edge infrastructure may offer an attacker the initial access they need to execute a costly cyber attack. Linux, especially Red Hat Enterprise Linux (RHEL), is often the OS of choice for mission-critical enterprise servers, cloud workloads, and security-sensitive production environments.

New regulations and compliance requirements are placing greater accountability and burden on security teams. Defenders need improved visibility into emerging security risks in order to effectively prioritize remediation.

Defenders deploying Linux will be excited to know that Greenbone’s OPENVAS SCAN now includes detection for RHEL 10 and Rocky Linux 10 security advisories via the OPENVAS ENTERPRISE FEED. Support for RHEL 10 and Rocky Linux 10 adds to existing detection capabilities for RHEL 7, 8, and 9 [1][2][3], and Rocky Linux 8 and 9 [4][5]. Defenders can try Greenbone’s OPENVAS BASIC for free, including a two-week trial of the OPENVAS ENTERPRISE FEED.

Linux software vulnerabilities present a significant IT security risk. Vulnerabilities must be publicly disclosed for defenders to maintain visibility and apply patches, but disclosure also gives attackers insight into new potential attack vectors.

Greenbone’s OPENVAS SCAN has industry-leading detection for all popular Linux distributions via authenticated Local Security Checks (LSC).  Authenticated LSCs for Linux provide the most reliable detection because they analyze endpoint systems from within, building an asset inventory, uncovering package-level software vulnerabilities, and identifying other security misconfigurations.

Support for Red Hat Enterprise Linux (RHEL) 10 Security Advisories is Here!

Red Hat publishes Security Advisories (RHSAs) to its Customer Portal. A typical RHSA includes an advisory ID, synopsis, severity, affected products, and remediation details, plus a list of relevant CVE IDs, their impact, and Common Vulnerability Scoring System (CVSS) score.

Organizations deploying RHEL 10 will be excited to know that Greenbone’s OPENVAS SCAN now supports vulnerability detection for RHEL 10 security advisories. RHEL 10 coverage is only available with an active subscription for the OPENVAS ENTERPRISE FEED. Right now, defenders can try Greenbone’s OPENVAS BASIC for free, including a two-week trial of the OPENVAS ENTERPRISE FEED.

• Visit the official site for RHEL Linux security advisories
• View all OPENVAS SCAN vulnerability tests for RHEL 10

Support for Rocky Linux 10 Security Advisories is Here!

Rocky Linux is a community-driven, enterprise-focused Linux distribution designed to be compatible with RHEL. The Rocky Linux kernel is built from publicly available Red Hat sources and aligned with the same core ecosystem for package management, SELinux for security hardening, and systemd for system-level service architecture. Rocky is typically chosen by organizations that want the stability that RHEL offers without the subscription costs—typically cloud hosting providers, lab environments, and SaaS teams running large fleets.

Organizations deploying Rocky Linux 10 will be excited to know that Greenbone’s OPENVAS SCAN now supports vulnerability detection for Rocky Linux 10 security advisories. Rocky Linux 10 coverage is only available with an active subscription for the OPENVAS ENTERPRISE FEED. Right now, defenders can try Greenbone’s OPENVAS BASIC for free, including a two-week trial of the OPENVAS ENTERPRISE FEED.

• Visit the official site for Rocky Linux security advisories
• View all OPENVAS SCAN vulnerability tests for Rocky 10

From Discovery, to Disclosure, and Patch: The Lifecycle of a Linux Vulnerability

Linux vulnerabilities typically follow a coordinated process as they progress from discovery to patching. Due to the complexity of the Linux ecosystem—where a single upstream kernel flows downstream into many individual distributions—vulnerabilities affecting the Linux kernel or user-space packages follow a distinct path from other software vulnerabilities.

The typical lifecycle of a Linux security vulnerability includes:

1. Discovery and reproduction: Security researchers discover a flaw, document its exploitation as a repeatable test case and compile a list of versions or specific configurations that are affected.  Other key information includes the technical impact of exploitation: crash, information leak, privilege escalation, and the proposed fix.
2. Responsible disclosure: Responsible disclosure means reporting the flaw to product owners before the public, and allowing time for verification and patch deployment. Linux kernel flaws should be communicated to the kernel security team. For user-space packages distributed in a Linux repository, reporting should be directed to the project or package maintainers using their published security contact.
3. Triage and scoping: The relevant security team and maintainers verify the issue, affected versions and configurations, and coordinate with the original reporter to validate fixes and mitigations.
4. Coordinated rollout strategy: Vulnerabilities may require a coordinated rollout when multiple vendors, projects, or distributions must prepare patches before public disclosure. Coordination prevents an extended exposure window—when the vulnerability is known, but patches are not available.
5. Patch development: A fix is prepared and reviewed by the responsible security team members; sensitive details are restricted to the minimum needed to review and test.
6. Upstream release: The fix lands in the mainline (or the upstream project release). Updates to stable releases and Long Term Support (LTS) releases generally require an upstream fix before the patch can be backported, packaged, and distributed through downstream vendor security updates. Unpublished security fixes have special handling requirements to reduce accidental early disclosure.
7. Downstream inclusion: Downstream Linux maintainers backport the fix to the versions they ship, rebuild kernel/package updates, and run regression/compatibility testing. Once tested, updates are pushed to the package repositories for each Linux distribution where end-users can access them.
8. Full disclosure via CVE assignment: Common Vulnerabilities and Exposures (CVEs) are commonly used to facilitate full public disclosure of software vulnerabilities, allowing global coordination. Kernel.org is the official CVE Numbering Authority (CNA) for the Linux kernel. Ideally, once a patch has been published to downstream Linux repositories, the kernel CNA team assigns CVE IDs for the patched issues. They are then published to the MITRE cve.org catalog, where they are picked up for enrichment by the NIST National Vulnerability Database (NVD) and global IT security teams for analysis.
9. Advisories and user updates: Individual Linux distributions publish security advisories with vulnerability metadata. These advisories identify the affected packages and versions, document the fixed package versions, and provide update instructions so system owners can assess exposure, deploy patches, and verify remediation across their environments.

Summary

Linux systems form the backbone of many enterprise environments, supporting critical infrastructure, cloud platforms, and production workloads. Maintaining Linux security requires consistent visibility into vulnerabilities and timely patch management. Effective OS-level vulnerability management reduces exposure to exploitation, supports regulatory compliance demands, and helps organizations maintain a resilient security posture.

Organizations deploying Linux can now use Greenbone’s OPENVAS SCAN to detect RHEL 10 and Rocky Linux 10 security advisories via the OPENVAS ENTERPRISE FEED along with detection for other Linux distributions, including Amazon Linux, Oracle Linux, AlmaLinux OS, FortiOS, and more. Many other popular Linux OSs are supported in both the OPENVAS ENTERPRISE FEED and COMMUNITY FEED, including, Ubuntu, Fedora, Debian, Suse, OpenSuse, Huawei EulerOS, OpenEuler, Mageia, and more.

Defenders can try Greenbone’s OPENVAS BASIC for free, including a two-week trial of the OPENVAS ENTERPRISE FEED.