e-m-b-a · m-1-k-3 · Feb 26, 2024 · Feb 21, 2024 · Feb 21, 2024 · Feb 21, 2024
diff --git a/config/bin_version_strings.cfg b/config/bin_version_strings.cfg
@@ -277,7 +277,6 @@ intel_trusted_device_setup;;unknown;"^Intel\(R\)\ Trusted\ Device\ Setup\ Extens
 nichestack;;proprietary;^Interniche\ Stack\ v[0-9](\.[0-9]+)+$";"sed -r 's/Interniche\ Stack\ v([0-9](\.[0-9]+)+?)$/hcc-embedded:nichestack:\1/'";
 io-control;;unknown;"FUSE\ library\ version:\ [0-9](\.[0-9]+)+?";"sed -r 's/FUSE\ library\ version:\ ([0-9](\.[0-9]+)+?).*/fuse:\1/'";
 iotgoat;;MIT;"^iotgoat\ v[0-9]\.[0-9]$";"sed -r 's/iotgoat\ v([0-9](\.[0-9]+)+?)$/iotgoat:\1/'";
-ip6tables;;unknown;"ip6tables\ v[0-9](\.[0-9]+)+?$";"sed -r 's/ip6tables\ v([0-9](\.[0-9]+)+?)$/iptables:\1/'";
 iperf;;unknown;"iperf\ version\ [0-9](\.[0-9]+)+?";"sed -r 's/iperf\ version\ ([0-9](\.[0-9]+)+?).*/iperf:\1/'";
 iplink;;commercial;"^ipLink Version: [0-9]\.[0-9]\.[0-9]$";"sed -r 's/ipLink\ Version:\ ([0-9](\.[0-9]+)+?)$/ipcomm:iplink:\1/'";
 iproute2;;GPL-2.0-only;"\ iproute2-[0-9]+(\.[0-9]+)+?$";"sed -r 's/\ iproute2-([0-9]+(\.[0-9]+)+?)$/iproute2:\1/'";
@@ -288,9 +287,10 @@ ipsec;;unknown;"^ipsec\ eroute\ [0-9](\.[0-9]+)+?$";"sed -r 's/ipsec\ eroute\ ([
 ipsec;;unknown;"^ipsec\ ranbits\ [0-9](\.[0-9]+)+?$";"sed -r 's/ipsec\ ranbits\ ([0-9](\.[0-9]+)+?)$/ipsec:\1/'";
 ipset;;unknown;"^ipset\ v[0-9](\.[0-9]+)+?$";"sed -r 's/ipset\ v([0-9](\.[0-9]+)+?)$/ipset:\1/'";
 ipset;;unknown;"ipset\ v[0-9](\.[0-9]+)+?,\ protocol\ version:\ [0-9]";"sed -r 's/ipset\ v([0-9](\.[0-9]+)+?).*/ipset:\1/'";
-iptables;;GPL-2.0-only;"iptables\ v[0-9](\.[0-9]+)+?([a-z])?$";"sed -r 's/iptables\ v([0-9](\.[0-9]+)+?([a-z])?)$/iptables:\1/'";
-iptables;;GPL-2.0-only;"iptables\ v[0-9](\.[0-9]+)+?([a-z])?";"sed -r 's/iptables\ v([0-9](\.[0-9]+)+?([a-z])?).*/iptables:\1/'";
-iptables;multi_grep;GPL-2.0-only;'"^can't initialize iptables table `%s': %s$"&&"^[0-9](\.[0-9]+)?+$"';"sed -r 's/([0-9](\.[0-9]+)+?)$/iptables:\1/'";
+iptables;;GPL-2.0-only;"iptables\ v[1-9](\.[0-9]+)+?([a-z])?$";"sed -r 's/iptables\ v([0-9](\.[0-9]+)+?([a-z])?)$/iptables:\1/'";
+iptables;;GPL-2.0-only;"iptables\ v[1-9](\.[0-9]+)+?([a-z])?";"sed -r 's/iptables\ v([0-9](\.[0-9]+)+?([a-z])?).*/iptables:\1/'";
+iptables;multi_grep;GPL-2.0-only;'"^can't initialize iptables table `%s': %s$"&&"^[1-9](\.[0-9]+)?+$"';"sed -r 's/([0-9](\.[0-9]+)+?)$/iptables:\1/'";
+ip6tables;;GPL-2.0-only;"ip6tables\ v[1-9](\.[0-9]+)+?$";"sed -r 's/ip6tables\ v([0-9](\.[0-9]+)+?)$/iptables:\1/'";
 iptunnel;;unknown;"iptunnel\ [0-9](\.[0-9]+)+?";"sed -r 's/iptunnel\ ([0-9](\.[0-9]+)+?).*/iptunnel:\1/'";
 ipunz;;commercial;"^ipunz V[0-9]\.[0-9]$";"sed -r 's/ipunz\ V([0-9](\.[0-9]+)+?)$/ipcomm:ipunz:\1/'";
 ipzip;;commercial;"^ipzip V[0-9]\.[0-9]$";"sed -r 's/ipzip\ V([0-9](\.[0-9]+)+?)$/ipcomm:ipzip:\1/'";
@@ -651,7 +651,7 @@ snort;strict;GPL-2.0-only;"^Version\ [0-9](\.[0-9])+?";"sed -r 's/Version:\ ([0-
 socat;;GPL-2.0-only;"socat\ version\ [0-9](\.[0-9]+)+?-[a-z][0-9]+\ ";"sed -r 's/socat\ version\ ([0-9](\.[0-9]+)+?)((-[a-z][0-9]+)?)\ .*/socat:\1:\2/'";
 socat;;GPL-2.0-only;"socat\ version\ [0-9](\.[0-9]+)+?\ ";"sed -r 's/socat\ version\ ([0-9](\.[0-9]+)+?)\ .*/socat:\1/'";
 sqlite3;;public-domain;"SQLite\ version\ 3(\.[0-9]+)+?";"sed -r 's/SQLite\ version\ (3(\.[0-9]+)+?).*/sqlite:\1/'";
-sqlite3;multi_grep;public-domain;'"^sqlite3_version$"&&"^sqlite3_bind_parameter_index$"&&"^[0-9](\.[0-9]+)?+$"';"sed -r 's/([0-9](\.[0-9]+)+?)$/sqlite3:\1/'";
+sqlite3;multi_grep;public-domain;'"^sqlite3_version$"&&"^sqlite3_bind_parameter_index$"&&"^3(\.[0-9]+)?+$"';"sed -r 's/([0-9](\.[0-9]+)+?)$/sqlite3:\1/'";
 libsqlite3.so.0;strict;public-domain;"^3\.[0-9]+\.[0-9]+$";"sed -r 's/(3(\.[0-9]+)+?)$/sqlite:\1/'";
 squidclient;strict;unknown;"Version:\ [0-9]\.[0-9]\.[0-9]";"sed -r 's/Version:\ ([0-9](\.[0-9]+)+?)/squidclient:\1/'";
 squidguard;;unknown;"SquidGuard:\ [0-9]\.[0-9]\ Berkeley\ DB\ [0-9]\.[0-9]\.[0-9]+";"sed -r 's/SquidGuard:\ ([0-9](\.[0-9]+)+?)\ .*/squidguard:\1/'";
@@ -678,10 +678,10 @@ systemd;;LGPL-2.1-or-later;"^systemd [v0-9.-]+.* running in %ssystem mode \(%s\)
 sysvinit;;GPL-2.0-or-later;"^INIT_VERSION\=sysvinit-[0-9]\.(\.[0-9]+)+?$";"sed -r 's/INIT_VERSION\=sysvinit-([0-9](\.[0-9]+)+?)$/sysvinit:\1/'";
 tar;;unknown;"\(GNU\ tar\)\ [0-9](\.[0-9]+)+?$";"sed -r 's/\(GNU\ tar\)\ ([0-9](\.[0-9]+)+?)$/gnu:tar:\1/'";
 tcci;;unknown;"^\ tcci\ version:\ tcci\ V[0-9](\.[0-9]+)+?\ ";"sed -r 's/\ tcci\ version:\ tcci\ V([0-9](\.[0-9]+)+?)\ .*/tcci:\1/'";
-tcpdump;strict;BSD-3-Clause;"^[0-9]\.[0-9]+\.[0-9]+$";"sed -r 's/([0-9](\.[0-9]+)+?)$/tcpdump:\1/'";
-tcpdump;multi_grep;BSD-3-Clause;'"^dump$"&&"^\[\ -T\ type\ \]\ \[\ --version\ \]\ \[\ -V\ file\ \]$"&&"^[0-9](\.[0-9]+)+?$"';"sed -r 's/([0-9](\.[0-9]+)+?)/tcpdump:\1/'";
-tcpdump;;BSD-3-Clause;"tcpdump\.[0-9](\.[0-9]+)+?\ version";"sed -r 's/tcpdump\.([0-9](\.[0-9]+)+?)\ version/tcpdump:\1/'";
-tcpdump;;BSD-3-Clause;"^tcpdump\ version\ [0-9](\.[0-9]+)+?$";"sed -r 's/tcpdump\ version\ ([0-9](\.[0-9]+)+?)$/tcpdump:\1/'";
+tcpdump;strict;BSD-3-Clause;"^[2-9]\.[0-9]+\.[0-9]+$";"sed -r 's/([0-9](\.[0-9]+)+?)$/tcpdump:\1/'";
+tcpdump;multi_grep;BSD-3-Clause;'"^dump"&&"^\[\ -T\ type\ \]\ \[\ --version\ \]\ \[\ -V\ file\ \]$"&&"^[2-9](\.[0-9]+)+?$"';"sed -r 's/([0-9](\.[0-9]+)+?)/tcpdump:\1/'";
+tcpdump;;BSD-3-Clause;"tcpdump\.[2-9](\.[0-9]+)+?\ version";"sed -r 's/tcpdump\.([0-9](\.[0-9]+)+?)\ version/tcpdump:\1/'";
+tcpdump;;BSD-3-Clause;"^tcpdump\ version\ [2-9](\.[0-9]+)+?$";"sed -r 's/tcpdump\ version\ ([0-9](\.[0-9]+)+?)$/tcpdump:\1/'";
 tempfile;;unknown;"^tempfile\ [0-9][\.0-9]+$";"sed -r 's/tempfile\ ([0-9](\.[0-9]+)+?(p[0-9]+)?)$/tempfile:\1/'";
 texinfo;;unknown;"\(GNU\ texinfo\)\ [0-9](\.[0-9]+)+?$";"sed -r 's/\(GNU\ texinfo\)\ ([0-9](\.[0-9]+)+?)$/gnu:sed:\1/'";
 thttpd;;bsd-style;"^thttpd\/[0-9]\.[0-9]+([a-z])?\ [0-9]{2}[a-z]+[0-9]{4}$";"sed -r 's/thttpd\/([0-9]+\.[0-9]+([a-z])?).*/acme_labs:thttpd:\1/'"

diff --git a/config/linux_common_files.txt b/config/linux_common_files.txt
@@ -148278,6 +148278,7 @@ postgis-gui_shp2pgsql-gui.png
 _postgres_builtins.cpython-38.pyc
 _postgres_builtins.py
 _postgresql
+postgres
 postgresql.aug
 postgresql_can_rsync
 postgresql.cpython-37.opt-1.pyc

diff --git a/config/report_templates/S21_python_check.sh → .../report_templates/S21_python_check-pre.sh b/config/report_templates/S21_python_check.sh → .../report_templates/S21_python_check-pre.sh
diff --git a/config/report_templates/S27_perl_check-pre.sh b/config/report_templates/S27_perl_check-pre.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+print_output "The Perl checking module is designed to analyze Perl scripts for security vulnerabilities with the SAST tool zarn"
+print_output "$(indent "$(orange "https://github.com/htrgouvea/zarn")")"
diff --git a/helpers/helpers_emba_dependency_check.sh b/helpers/helpers_emba_dependency_check.sh
@@ -80,8 +80,8 @@ prepare_docker_home_dir() {
     fi
     cp -pr "${EXT_DIR}"/cwe_checker/.config/cwe_checker "${HOME}"/.config/
     # .local/share has also stored the r2 plugin data, this results in restoring only the composer and cwe_checker areas
-    cp -pr ${EXT_DIR}/cwe_checker/.local/share/composer/.htaccess ${HOME}/.local/share/composer/
-    cp -pr ${EXT_DIR}/cwe_checker/.local/share/cwe_checker/* ${HOME}/.local/share/cwe_checker/
+    cp -pr "${EXT_DIR}"/cwe_checker/.local/share/composer/.htaccess "${HOME}"/.local/share/composer/
+    cp -pr "${EXT_DIR}"/cwe_checker/.local/share/cwe_checker/* "${HOME}"/.local/share/cwe_checker/
   fi
 }
 
@@ -738,7 +738,11 @@ dependency_check()
         check_emulation_port "Running Qemu telnet service" "4321"
       fi
 
-      export GHIDRA_PATH="${EXT_DIR}""/ghidra/ghidra_10.3.1_PUBLIC"
+      if [[ -d "${EXT_DIR}""/ghidra/ghidra_10.3.1_PUBLIC" ]]; then
+        export GHIDRA_PATH="${EXT_DIR}""/ghidra/ghidra_10.3.1_PUBLIC"
+      elif [[ -d "${EXT_DIR}""/ghidra/ghidra_10.2.3_PUBLIC" ]]; then
+        export GHIDRA_PATH="${EXT_DIR}""/ghidra/ghidra_10.2.3_PUBLIC"
+      fi
       check_dep_file "GHIDRA" "${GHIDRA_PATH}""/ghidraRun"
 
       # prepare /root/.local and /root/.config directory for cwe_checker

diff --git a/installer/I120_cwe_checker.sh b/installer/I120_cwe_checker.sh
@@ -33,7 +33,8 @@ I120_cwe_checker() {
     print_git_info "cwe-checker" "EMBA-support-repos/cwe_checker" "cwe_checker is a suite of checks to detect common bug classes such as use of dangerous functions and simple integer overflows."
     echo -e "${ORANGE}""cwe-checker will be downloaded.""${NC}"
     print_file_info "OpenJDK" "OpenJDK for cwe-checker" "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.12%2B7/OpenJDK11U-jdk_x64_linux_hotspot_11.0.12_7.tar.gz" "external/jdk.tar.gz"
-    print_file_info "GHIDRA" "Ghidra for cwe-checker" "https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_10.3.1_build/ghidra_10.3.1_PUBLIC_20230614.zip" "external/ghidra.zip"
+    # print_file_info "GHIDRA" "Ghidra for cwe-checker" "https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_10.3.1_build/ghidra_10.3.1_PUBLIC_20230614.zip" "external/ghidra.zip"
+    print_file_info "GHIDRA" "Ghidra for cwe-checker" "https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_10.2.3_build/ghidra_10.2.3_PUBLIC_20230208.zip" "external/ghidra.zip"
     print_file_info "Ghidra Haruspex script" "Decompiled code exporter" "https://raw.githubusercontent.com/EMBA-support-repos/ghidra-scripts-0xdea/main/Haruspex.java" "external/ghidra_scripts"
 
     if [[ "${LIST_DEP}" -eq 1 ]] || [[ "${DOCKER_SETUP}" -eq 1 ]] ; then
@@ -59,13 +60,16 @@ I120_cwe_checker() {
 
         # Ghidra
         if [[ -d ./external/ghidra ]] ; then rm -R ./external/ghidra ; fi
-        curl -L https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_10.3.1_build/ghidra_10.3.1_PUBLIC_20230614.zip -Sf -o external/ghidra.zip
+        # curl -L https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_10.3.1_build/ghidra_10.3.1_PUBLIC_20230614.zip -Sf -o external/ghidra.zip
+        curl -L https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_10.2.3_build/ghidra_10.2.3_PUBLIC_20230208.zip -Sf -o external/ghidra.zip
         mkdir external/ghidra 2>/dev/null
         unzip -qo external/ghidra.zip -d external/ghidra
         if [[ "${IN_DOCKER}" -eq 1 ]]; then
-          sed -i s@JAVA_HOME_OVERRIDE=@JAVA_HOME_OVERRIDE=/external/jdk@g external/ghidra/ghidra_10.3.1_PUBLIC/support/launch.properties
+          # sed -i s@JAVA_HOME_OVERRIDE=@JAVA_HOME_OVERRIDE=/external/jdk@g external/ghidra/ghidra_10.3.1_PUBLIC/support/launch.properties
+          sed -i s@JAVA_HOME_OVERRIDE=@JAVA_HOME_OVERRIDE=/external/jdk@g external/ghidra/ghidra_10.2.3_PUBLIC/support/launch.properties
         else
-          sed -i s@JAVA_HOME_OVERRIDE=@JAVA_HOME_OVERRIDE=external/jdk@g external/ghidra/ghidra_10.3.1_PUBLIC/support/launch.properties
+          # sed -i s@JAVA_HOME_OVERRIDE=@JAVA_HOME_OVERRIDE=external/jdk@g external/ghidra/ghidra_10.3.1_PUBLIC/support/launch.properties
+          sed -i s@JAVA_HOME_OVERRIDE=@JAVA_HOME_OVERRIDE=external/jdk@g external/ghidra/ghidra_10.2.3_PUBLIC/support/launch.properties
         fi
         rm external/ghidra.zip
 
@@ -92,7 +96,7 @@ I120_cwe_checker() {
 
           if [[ "${IN_DOCKER}" -eq 1 ]]; then
             # cp -pr "${HOME}""/.cargo/bin" "external/cwe_checker/bin"
-            echo '{"ghidra_path":"/external/ghidra/ghidra_10.3.1_PUBLIC"}' > "${HOME}"/.config/cwe_checker/ghidra.json
+            echo '{"ghidra_path":"/external/ghidra/ghidra_10.2.3_PUBLIC"}' > "${HOME}"/.config/cwe_checker/ghidra.json
 
             # save .config as we remount /root with tempfs -> now we can restore it in the module
             cp -pr "${HOME}"/.config ./external/cwe_checker/

diff --git a/installer/I20_sourcecode_check.sh b/installer/I20_sourcecode_check.sh
@@ -33,6 +33,9 @@ I20_sourcecode_check() {
     print_pip_info "semgrep"
     print_git_info "semgrep-rules" "returntocorp/semgrep-rules" "Standard library for Semgrep rules"
     print_git_info "0xdea C/C++ semgrep-rules" "EMBA-support-repos/semgrep-rules-0xdea" "C/C++ Semgrep rules by 0xdea"
+    print_git_info "zarn" "EMBA-support-repos/zarn" "Zarn static perl analyzer"
+    # cpanminus is needed for zarn:
+    print_tool_info "cpanminus" 1
 
     print_file_info "iniscan/composer.phar" "A Dependency Manager for PHP" "https://getcomposer.org/installer" "external/iniscan/composer.phar"
 
@@ -57,6 +60,17 @@ I20_sourcecode_check() {
           git clone https://github.com/EMBA-support-repos/semgrep-rules-0xdea.git external/semgrep-rules-0xdea
         fi
 
+        # zarn perl code analyser
+        if ! [[ -d external/zarn ]]; then
+          # git clone https://github.com/EMBA-support-repos/zarn.git external/zarn
+          git clone https://github.com/htrgouvea/zarn.git external/zarn
+          cd external/zarn || ( echo "Could not install EMBA component zarn" && exit 1 )
+          # https://github.com/htrgouvea/zarn/issues/3
+          git reset --hard 009331c
+          cpanm --installdeps .
+          cd "${HOME_PATH}" || ( echo "Could not install EMBA component zarn" && exit 1 )
+        fi
+
         if ! [[ -d "external/iniscan" ]] ; then
           mkdir external/iniscan
         fi

diff --git a/modules/F02_toolchain.sh b/modules/F02_toolchain.sh
@@ -22,6 +22,7 @@ F02_toolchain() {
   pre_module_reporter "${FUNCNAME[0]}"
 
   local KERNEL_V_ARR=()
+  local KERNEL_V_ARR_S25=()
   local KERNEL_STRING_ARR=()
   local COMPILE_FILES_ARR=()
   local BINARY_DETAILS_ARR=()
@@ -67,7 +68,7 @@ F02_toolchain() {
   # GCC (Buildroot 2012.11.1)
   # GCC (GNU) 3.3.2
 
-  # kernel with release date from s24 (s25 only holds the  kernel version and is used as fallback)
+  # kernel with release date from s24 (s25 only holds the kernel version and is used as fallback)
   if [[ "${#KERNEL_V_ARR[@]}" -gt 0 ]]; then
     for KERNEL_V in "${KERNEL_V_ARR[@]}"; do
       if [[ -z "${KERNEL_V}" ]]; then
@@ -110,10 +111,10 @@ F02_toolchain() {
       fi
       K_RELEASE_DATE=""
       if [[ -f "${CONFIG_DIR}"/kernel_details.csv ]]; then
-        K_RELEASE_DATE=$(grep "^linux-${KERNEL_VERSION};" "${CONFIG_DIR}"/kernel_details.csv | cut -d\; -f2 | sort -u || true)
+        K_RELEASE_DATE=$(grep "^linux-${KERNEL_V};" "${CONFIG_DIR}"/kernel_details.csv | cut -d\; -f2 | sort -u || true)
         # if we have not identified a release date and the version is something linke 1.2.0 we are testing also 1.2
-        if [[ -z "${K_RELEASE_DATE}" ]] && [[ "${KERNEL_VERSION}" =~ [0-9]+\.[0-9]+\.0$ ]]; then
-          K_RELEASE_DATE=$(grep "^linux-${KERNEL_VERSION%%\.0};" "${CONFIG_DIR}"/kernel_details.csv || true)
+        if [[ -z "${K_RELEASE_DATE}" ]] && [[ "${KERNEL_V}" =~ [0-9]+\.[0-9]+\.0$ ]]; then
+          K_RELEASE_DATE=$(grep "^linux-${KERNEL_V%%\.0};" "${CONFIG_DIR}"/kernel_details.csv || true)
           K_RELEASE_DATE="${K_RELEASE_DATE/*;}"
         fi
       fi

diff --git a/modules/F20_vul_aggregator.sh b/modules/F20_vul_aggregator.sh
@@ -1064,7 +1064,7 @@ cve_extractor() {
   fi
 
   if [[ -f "${TMP_DIR}/exploit_cnt.tmp" ]]; then
-    EXPLOIT_COUNTER_VERSION=$(grep -c "${BINARY}" "${TMP_DIR}/exploit_cnt.tmp" || true)
+    EXPLOIT_COUNTER_VERSION=$(grep -c "^${BINARY};" "${TMP_DIR}/exploit_cnt.tmp" || true)
   fi
 
   { echo ""
@@ -1123,13 +1123,13 @@ cve_extractor() {
       printf "[${ORANGE}+${NC}]${ORANGE} Found version details: \t%-20.20s:   %-15.15s:   CVEs: %-10.10s:   Exploits: %-5.5s:   Source: %-15.15s${NC}\n" "${BINARY}" "${VERSION}" "${CVEs}" "${EXPLOITS}" "${VSOURCE}" >> "${LOG_PATH_MODULE}"/F20_summary.txt
       echo "${BINARY};${VERSION};${CVEs};${EXPLOITS}" >> "${LOG_PATH_MODULE}"/F20_summary.csv
     fi
-  elif [[ "${CVEs}" -eq 0 && "${EXPLOITS}" -eq 0 ]]; then
-    printf "[${GREEN}+${NC}]${GREEN} Found version details: \t%-20.20s:   %-15.15s:   CVEs: %-10.10s:   Exploits: %-5.5s:   Source: %-15.15s${NC}\n" "${BINARY}" "${VERSION}" "${CVEs}" "${EXPLOITS}" "${VSOURCE}" >> "${LOG_PATH_MODULE}"/F20_summary.txt
-    echo "${BINARY};${VERSION};${CVEs};${EXPLOITS}" >> "${LOG_PATH_MODULE}"/F20_summary.csv
+  elif [[ "${CVEs/\ */}" -eq 0 && "${EXPLOITS}" -eq 0 ]]; then
+    printf "[${GREEN}+${NC}]${GREEN} Found version details: \t%-20.20s:   %-15.15s:   CVEs: %-10.10s:   Exploits: %-5.5s:   Source: %-15.15s${NC}\n" "${BINARY}" "${VERSION}" "${CVEs/\ */}" "${EXPLOITS}" "${VSOURCE}" >> "${LOG_PATH_MODULE}"/F20_summary.txt
+    echo "${BINARY};${VERSION};${CVEs/\ */};${EXPLOITS}" >> "${LOG_PATH_MODULE}"/F20_summary.csv
   else
     # this should never happen ...
-    printf "[+] Found version details: \t%-20.20s:   %-15.15s:   CVEs: %-5.5s:   Exploits: %-10.10s:   Source: %-15.15s\n" "${BINARY}" "${VERSION}" "${CVEs}" "${EXPLOITS}" "${VSOURCE}" >> "${LOG_PATH_MODULE}"/F20_summary.txt
-    echo "${BINARY};${VERSION};${CVEs};${EXPLOITS}" >> "${LOG_PATH_MODULE}"/F20_summary.csv
+    printf "[+] Found version details: \t%-20.20s:   %-15.15s:   CVEs: %-5.5s:   Exploits: %-10.10s:   Source: %-15.15s\n" "${BINARY}" "${VERSION}" "${CVEs/\ */}" "${EXPLOITS}" "${VSOURCE}" >> "${LOG_PATH_MODULE}"/F20_summary.txt
+    echo "${BINARY};${VERSION};${CVEs/\ */};${EXPLOITS}" >> "${LOG_PATH_MODULE}"/F20_summary.csv
   fi
 
   # now, lets write the main f20 log file with the results of the current binary:
@@ -1409,7 +1409,6 @@ cve_extractor_thread_actor() {
         # otherwise we count an exploit for one CVE multiple times
         ((EXPLOIT_COUNTER_VERSION+=1))
         echo "${BINARY};${CVE_VALUE};PS" >> "${TMP_DIR}"/exploit_cnt.tmp
-        echo "kernel exploit" >> "${TMP_DIR}"/exploit_cnt.tmp
         EDB=1
       fi
     fi
@@ -1440,7 +1439,6 @@ cve_extractor_thread_actor() {
         # otherwise we count an exploit for one CVE multiple times
         ((EXPLOIT_COUNTER_VERSION+=1))
         echo "${BINARY};${CVE_VALUE};PS" >> "${TMP_DIR}"/exploit_cnt.tmp
-        echo "kernel exploit" >> "${TMP_DIR}"/exploit_cnt.tmp
         EDB=1
       fi
     fi

diff --git a/modules/L10_system_emulation.sh b/modules/L10_system_emulation.sh
@@ -293,10 +293,10 @@ create_emulation_filesystem() {
 
   print_output "[*] Creating Filesystem"
   sync
-  mkfs.ext2 "${DEVICE}"
+  mkfs.ext2 "${DEVICE}" || ( print_output "[-] Error in filesystem creation" && return )
 
   print_output "[*] Mounting QEMU Image Partition 1 to ${ORANGE}${MNT_POINT}${NC}"
-  mount "${DEVICE}" "${MNT_POINT}" || true
+  mount "${DEVICE}" "${MNT_POINT}" || ( print_output "[-] Error in mounting the filesystem" && return )
 
   if mount | grep -q "${MNT_POINT}"; then
 
@@ -2266,6 +2266,7 @@ add_partition_emulation() {
   local DEV_PATH="NA"
   local FOUND=false
   local CNT=0
+  local DEV_NR=0
 
   losetup -Pf "${1}"
   while (! "${FOUND}"); do
@@ -2276,7 +2277,15 @@ add_partition_emulation() {
     for LINE in "${LOSETUP_OUT[@]}"; do
       IMAGE_PATH=$(echo "${LINE}" | awk '{print $6}')
       if [[ "${IMAGE_PATH}" == "${1}" ]]; then
-        DEV_PATH=$(echo "${LINE}" | awk '{print $1}')p1
+        DEV_PATH=$(echo "${LINE}" | awk '{print $1}')
+        if [[ "$(dirname "${DEV_PATH}")" == "/dev/loop" ]]; then
+          # if we have the new naming like /dev/loop/0 -> dirname results in /dev/loop
+          DEV_NR=$(echo "${DEV_PATH}" | rev | cut -d '/' -f1 | rev)
+          DEV_PATH="/dev/loop${DEV_NR}p1"
+        else
+          # old naming like /dev/loop0 -> dirname results in /dev/
+          DEV_PATH=$(echo "${LINE}" | awk '{print $1}')p1
+        fi
         if [[ -b "${DEV_PATH}" ]]; then
           FOUND=true
         fi

diff --git a/modules/S08_package_mgmt_extractor.sh b/modules/S08_package_mgmt_extractor.sh
@@ -53,7 +53,6 @@ debian_status_files_search() {
     for PACKAGE_FILE in "${DEBIAN_MGMT_STATUS[@]}" ; do
       if grep -q "Package: " "${PACKAGE_FILE}"; then
         mapfile -t DEBIAN_PACKAGES < <(grep "^Package: \|^Status: \|^Version: " "${PACKAGE_FILE}" | sed -z 's/\nVersion: / - Version: /g' | sed -z 's/\nStatus: / - Status: /g')
-        print_ln
         print_output "[*] Found debian package details:"
         for PACKAGE_VERSION in "${DEBIAN_PACKAGES[@]}" ; do
           # Package: xxd - Status: install ok installed - 2:8.2.3995-1+b3
@@ -94,7 +93,6 @@ openwrt_control_files_search() {
     for PACKAGE_FILE in "${OPENWRT_MGMT_CONTROL[@]}" ; do
       if grep -q "Package: " "${PACKAGE_FILE}"; then
         mapfile -t OPENWRT_PACKAGES < <(grep "^Package: \|^Version: " "${PACKAGE_FILE}" | sed -z 's/\nVersion: / - Version: /g')
-        print_ln
         for PACKAGE_VERSION in "${OPENWRT_PACKAGES[@]}" ; do
           PACKAGE=$(safe_echo "${PACKAGE_VERSION}" | awk '{print $2}' | tr -dc '[:print:]')
           VERSION=${PACKAGE_VERSION/*Version:\ /}
@@ -137,7 +135,6 @@ rpm_package_files_search() {
       RPM_DIR="$(dirname "${PACKAGE_FILE}")"
       # not sure this works on an offline system - we need further tests on this:
       mapfile -t RPM_PACKAGES < <(rpm -qa --dbpath "${RPM_DIR}" || true)
-      print_ln
       for PACKAGE_AND_VERSION in "${RPM_PACKAGES[@]}" ; do
         PACKAGE_VERSION=$(rpm -qi --dbpath "${RPM_DIR}" "${PACKAGE_AND_VERSION}" | grep Version | awk '{print $3}' || true)
         PACKAGE_NAME=$(rpm -qi --dbpath "${RPM_DIR}" "${PACKAGE_AND_VERSION}" | grep Version | awk '{print $1}' || true)