Hi Stephen:
I hope you are fine.
This vulnerability is also affecting Kernel in different Red Hat versions as was reported in the following document:
If you want to check the information in Wazuh CVE DB, you can do:
[]# sqlite3 /var/ossec/queue/vulnerabilities/cve.db
SQLite version 3.7.17 2013-05-20 00:56:22
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> .headers on
sqlite> .tables
ADVISORIES_INFO CPE_INDEX NVD_METADATA
AGENTS METADATA NVD_METRIC_CVSS
AGENT_HOTFIXES MSU NVD_REFERENCE
ARCHITECTURES MSU_SUPERSEDENCE REFERENCES_INFO
BUGZILLA_REFERENCES_INFO NVD_CPE VARIABLES
CPE_HELPER NVD_CVE VULNERABILITIES
CPE_HELPER_SOURCE NVD_CVE_CONFIGURATION VULNERABILITIES_INFO
CPE_HELPER_TRANSLATION NVD_CVE_MATCH
For instance:
sqlite> select * from VULNERABILITIES where CVEID="CVE-2022-4269";
CVEID|TARGET|TARGET_MINOR|PACKAGE|OPERATION|OPERATION_VALUE|CHECK_VARS|IGNORE|ARCH_ID
CVE-2022-4269|RHEL9||kernel-devel-matched|less than|0:0|0|0|0
CVE-2022-4269|RHEL9||kernel-devel|less than|0:0|0|0|0
...
As you can see, there is only PACKAGE information that is the affected package.
I hope his helps
Thanks