feat(debian): validate running kernel version (#1382)

* feat(debian): validate running kernel version

* chore(gost/debian): only stash when there is linux package

scanner/serverapi.go

@@ -7,13 +7,15 @@ import (
 	"os"
 	"time"
 
+	debver "github.com/knqyf263/go-deb-version"
+	"golang.org/x/xerrors"
+
 	"github.com/future-architect/vuls/cache"
 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/constant"
 	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
-	"golang.org/x/xerrors"
 )
 
 const (
@@ -23,10 +25,9 @@ const (
 )
 
 var (
-	errOSFamilyHeader      = xerrors.New("X-Vuls-OS-Family header is required")
-	errOSReleaseHeader     = xerrors.New("X-Vuls-OS-Release header is required")
-	errKernelVersionHeader = xerrors.New("X-Vuls-Kernel-Version header is required")
-	errServerNameHeader    = xerrors.New("X-Vuls-Server-Name header is required")
+	errOSFamilyHeader   = xerrors.New("X-Vuls-OS-Family header is required")
+	errOSReleaseHeader  = xerrors.New("X-Vuls-OS-Release header is required")
+	errServerNameHeader = xerrors.New("X-Vuls-Server-Name header is required")
 )
 
 var servers, errServers []osTypeInterface
@@ -162,8 +163,15 @@ func ViaHTTP(header http.Header, body string, toLocalFile bool) (models.ScanResu
 	}
 
 	kernelVersion := header.Get("X-Vuls-Kernel-Version")
-	if family == constant.Debian && kernelVersion == "" {
-		return models.ScanResult{}, errKernelVersionHeader
+	if family == constant.Debian {
+		if kernelVersion == "" {
+			logging.Log.Warn("X-Vuls-Kernel-Version is empty. skip kernel vulnerability detection.")
+		} else {
+			if _, err := debver.NewVersion(kernelVersion); err != nil {
+				logging.Log.Warnf("X-Vuls-Kernel-Version is invalid. skip kernel vulnerability detection. actual kernelVersion: %s, err: %s", kernelVersion, err)
+				kernelVersion = ""
+			}
+		}
 	}
 
 	serverName := header.Get("X-Vuls-Server-Name")