How do i you decide whats safe to run
I recently ran Gossa on my home server using Docker, mounting it to a folder. Since I used rootless Docker, I was curious - if Gossa were to be a virus, would I have been infected? Have any of you had experience with Gossa?
The Linux kernel recently became a CVE numbering authority. That means that there are now tons of CVEs coming out but the overwhelming majority aren’t easily exploitable. They can be rated pretty high with no actual impact. Furthermore, a lot of them require a very specific setup with specific kernel components. It is best to look at the exploitablity score and the recommended CISA actions.