How to run CVE checker on yocto image for iM6SX

pranavmondhe14 · ‎06-10-2019

Hi Guys

We are using customized yocto linux kernel and running some C++ code for industrial application.

Where i can find CVE (Common Vulnurabilites and Exposures) tools to check for my custom-ed yocto image.

I need to address if i have any issues of packages if any by running CVE for my image

I dont know much about yocto build project, I don't have build environment with me, i just want to run on image previously given to me by a vendor on the sabre board running yocto image

Below are image details:

Booting Linux on physical CPU 0x0
Linux version 3.14.28-1.0.0_ga+g91cf351 (bytesnap@manifests2) (gcc version 5.4.0 (GCC) ) #1 SMP PREE
CPU: ARMv7 Processor [412fc09a] revision 10 (ARMv7), cr=10c53c7d

Best Regards

Pranav Mondhe

pranavmondhe14 · ‎06-11-2019

HI have found below cve check tool that will identify potentially vunlnerable software packages within Linux distributions through version matching.

https://github.com/clearlinux/cve-check-tool

I have no idea how to run this on my sabre board.

Please anyone can guide me how to run above tool ?

Best Regards

Pranav

How to run CVE checker on yocto image for iM6SX

How to run CVE checker on yocto image for iM6SX

Android

Graphics & Display

i.MX 8 Family | i.MX 8QuadMax (8QM) | 8QuadPlus

i.MX 8M | i.MX 8M Mini | i.MX 8M Nano

i.MX2x

i.MX50

i.MX51

i.MX53

i.MX6_All

i.MX6DL

i.MX6Dual

i.MX6DualPlus6QuadPlus

i.MX6Quad

i.MX6S

i.MX6SL

i.MX6SoloX

i.MX6UL

i.MX7Dual

i.MX7Solo

i.MX7ULP

i.MXRT

Linux

Multimedia

PMIC

SCM-i.MX6DQ

Security

Suspected Software Defect

Windows

Yocto Project