We are running into an issue where we have applied all the fixes for Findings reported by the AWS Inspector. But, the Inspector Dashboard still reports them as Active instead of Closed. Interestingly, all the Findings related to Kernel updates are closed. Only Findings related to user packages installed via yum are not marked as Closed.
For example, one of the Findings is "CVE-2023-44487 - libnghttp2" which asks to update the libnghttp2 to at least 0:1.41.0-1.amzn2.0.4. We did the fix on the EC2 instance two days ago, but this is still marked as Active in the Inspector Dashboard.
Here's the screenshot of the Finding in the Inspector
And here's the output of yum list libnghttp2
$ sudo yum list libnghttp2
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Installed Packages
libnghttp2.x86_64 1.41.0-1.amzn2.0.4 @amzn2-core
Available Packages
libnghttp2.i686 1.41.0-1.amzn2.0.4 amzn2-core
Update:
Tried installing the i686 package to see if Inspector likes that. Didn't work. Here's the output of yum list libnghttp2 after installing i686
sudo yum list libnghttp2
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Installed Packages
libnghttp2.i686 1.41.0-1.amzn2.0.4 @amzn2-core
libnghttp2.x86_64 1.41.0-1.amzn2.0.4 @amzn2-core