From 0f8b0d97a6fe215c2cf9c99f4307770a66f9ab5d Mon Sep 17 00:00:00 2001
From: MaineK00n <mainek00n.1229@gmail.com>
Date: Tue, 12 Nov 2024 04:11:40 +0900
Subject: [PATCH] fix(scanner/debian): fill kernel version from kernel package

---
 scanner/base.go | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/scanner/base.go b/scanner/base.go
index 8c07ec9717..e54cc64e79 100644
--- a/scanner/base.go
+++ b/scanner/base.go
@@ -18,7 +18,6 @@ import (
 	fanal "github.com/aquasecurity/trivy/pkg/fanal/analyzer"
 	tlog "github.com/aquasecurity/trivy/pkg/log"
 	xio "github.com/aquasecurity/trivy/pkg/x/io"
-	debver "github.com/knqyf263/go-deb-version"
 
 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/constant"
@@ -148,19 +147,15 @@ func (l *base) runningKernel() (release, version string, err error) {
 
 	switch l.Distro.Family {
 	case constant.Debian:
-		r := l.exec("uname -a", noSudo)
+		r := l.exec(fmt.Sprintf("dpkg-query -W -f='${Version}' linux-image-%s", release), noSudo)
 		if !r.isSuccess() {
-			return "", "", xerrors.Errorf("Failed to SSH: %s", r)
-		}
-		ss := strings.Fields(r.Stdout)
-		if 6 < len(ss) {
-			version = ss[6]
-		}
-		if _, err := debver.NewVersion(version); err != nil {
-			version = ""
+			l.log.Debugf("Failed to get the running kernel version. err: %s", r.Stderr)
+			return release, "", nil
 		}
+		return release, r.Stdout, nil
+	default:
+		return release, "", nil
 	}
-	return
 }
 
 func (l *base) allContainers() (containers []config.Container, err error) {