diff --git a/0002-modify-re-of-kernel-filter.patch b/0002-modify-re-of-kernel-filter.patch
new file mode 100644
index 0000000..392de4f
--- /dev/null
+++ b/0002-modify-re-of-kernel-filter.patch
@@ -0,0 +1,81 @@
+From 831aca01a20fcd67b1d6ff604a0334aaa419efd5 Mon Sep 17 00:00:00 2001
+From: gongzt <gong_zhengtang@163.com>
+Date: Sat, 11 Nov 2023 17:47:25 +0800
+Subject: Modify the regular expression of kernel filter
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+---
+ ceres/manages/vulnerability_manage.py | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/ceres/manages/vulnerability_manage.py b/ceres/manages/vulnerability_manage.py
+index c41a7fa..39f475d 100644
+--- a/ceres/manages/vulnerability_manage.py
++++ b/ceres/manages/vulnerability_manage.py
+@@ -166,7 +166,7 @@ class VulnerabilityManage:
+             return rpm_info
+ 
+         for line in stdout.splitlines():
+-            rpm_name, new_rpm_info = line.split(":",1)
++            rpm_name, new_rpm_info = line.split(":", 1)
+             old_rpm_info = rpm_info.get(rpm_name, "")
+             rpm_info[rpm_name] = new_rpm_info if new_rpm_info > old_rpm_info else old_rpm_info
+         LOGGER.debug("query installed rpm package info succeed!")
+@@ -200,7 +200,7 @@ class VulnerabilityManage:
+         # ("kernel", "x86_64.", "5.10.0-60.105.0.132.oe2203"),
+         # ("kernel-debuginfo", "x86_64", "5.10.0-60.105.0.132.oe2203")
+         # ]
+-        rpm_info = re.findall("^(kernel\S*)\.([a-z468_]+)\s+(\S+)", stdout, re.MULTILINE)
++        rpm_info = re.findall("^(kernel)\.([a-z468_]+)\s+(\S+)", stdout, re.MULTILINE)
+ 
+         if not rpm_info:
+             return result
+@@ -243,7 +243,7 @@ class VulnerabilityManage:
+         # ("CVE-2021-43976", "Important/Sec.", "kernel-4.19.90-2201.1.0.0132.oe1.x86_64"),
+         # ("CVE-2021-0941", "Important/Sec.", "kernel-4.19.90-2201.1.0.0132.oe1.x86_64")
+         # ]
+-        all_cve_info = re.findall(r"(CVE-\d{4}-\d+)\s+([\w+/.]+)\s+(kernel\S+)", stdout)
++        all_cve_info = re.findall(r"(CVE-\d{4}-\d+)\s+([\w+/.]+)\s+(kernel-\d\S+)", stdout)
+         if not all_cve_info:
+             return unfixed_cves
+ 
+@@ -306,7 +306,7 @@ class VulnerabilityManage:
+         # ("CVE-2023-1513", "Important/Sec.", "kernel-4.19.90-2304.1.0.0196.oe1.x86_64", "patch-kernel-4.19.90-2112.."),
+         # ("CVE-2021-xxxx", "Important/Sec.", "-", "patch-redis-6.2.5-1-SGL_CVE_2023_1111_CVE_2023_1112-1-1.x86_64")
+         # ]
+-        all_cve_info = re.findall(r"(CVE-\d{4}-\d+)\s+([\w+/.]+)\s+(kernel\S+|-)\s+(patch-kernel\S+|-)", stdout)
++        all_cve_info = re.findall(r"(CVE-\d{4}-\d+)\s+([\w+/.]+)\s+(kernel-\d\S+|-)\s+(patch-kernel-\d\S+|-)", stdout)
+         if not all_cve_info:
+             return cve_info_list
+ 
+@@ -368,7 +368,7 @@ class VulnerabilityManage:
+         # ("CVE-2021-43976","Important/Sec.", "kernel-4.19.90-2201.1.0.0132.oe1.x86_64"),
+         # ("CVE-2021-0941","Important/Sec.", "kernel-4.19.90-2201.1.0.0132.oe1.x86_64")
+         # ]
+-        fixed_cves_info = re.findall(r"(CVE-\d{4}-\d+)\s+([\w+/.]+)\s+(kernel\S+)", stdout)
++        fixed_cves_info = re.findall(r"(CVE-\d{4}-\d+)\s+([\w+/.]+)\s+(kernel-\d\S+)", stdout)
+ 
+         if not fixed_cves_info:
+             return fixed_cves
+@@ -407,7 +407,7 @@ class VulnerabilityManage:
+         # ("CVE-2021-xxxx", "Important/Sec.", "-", "patch-redis-6.2.5-1-SGL_CVE_2023_1111_CVE_2023_1112-1-1.x86_64")
+         # ]
+         hotpatch_status = self._query_applied_hotpatch_status()
+-        all_cve_info = re.findall(r"(CVE-\d{4}-\d+)\s+([\w+/.]+)\s+(kernel\S+|-)\s+(patch-kernel\S+|-)", stdout)
++        all_cve_info = re.findall(r"(CVE-\d{4}-\d+)\s+([\w+/.]+)\s+(kernel-\d\S+|-)\s+(patch-kernel-\d\S+|-)", stdout)
+ 
+         cve_info_fixed_by_coldpatch, cve_info_fixed_by_hotpatch, hotpatch_dic = [], [], defaultdict(str)
+         for cve_id, _, coldpatch, hotpatch in all_cve_info:
+@@ -472,7 +472,7 @@ class VulnerabilityManage:
+         # ("CVE-2023-1112", "redis-6.2.5-1/SGL_CVE_2023_1111_CVE_2023_1112-1-1/redis-server", "NOT-APPLIED"),
+         # ("CVE-2023-1111", "redis-6.2.5-1/ACC-1-1/redis-benchmark", "ACTIVED")
+         # ]
+-        applied_hotpatch_info_list = re.findall(r"(CVE-\d{4}-\d+)\s+(kernel[\w\-/.]+)\s+([A-W]+)", stdout)
++        applied_hotpatch_info_list = re.findall(r"(CVE-\d{4}-\d+)\s+(kernel-\d[\w\-/.]+)\s+([A-W]+)", stdout)
+ 
+         if not applied_hotpatch_info_list:
+             return result
+-- 
+Gitee
diff --git a/aops-ceres.spec b/aops-ceres.spec
index a901303..b3ce0ae 100644
--- a/aops-ceres.spec
+++ b/aops-ceres.spec
@@ -2,13 +2,13 @@
 
 Name:		aops-ceres
 Version:	v1.3.4
-Release:	2
+Release:	3
 Summary:	An agent which needs to be adopted in client, it managers some plugins, such as gala-gopher(kpi collection), fluentd(log collection) and so on.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
 Source0:	%{name}-%{version}.tar.gz
 Patch0001:      0001-support-kabi-check.patch
-
+Patch0002:      0002-modify-re-of-kernel-filter.patch
 
 BuildRequires:  python3-setuptools
 Requires:   python3-requests  python3-jsonschema python3-libconf
@@ -88,6 +88,9 @@ install -b -m755 ./extra-tools/da-tool/script/da-tool.sh       ${RPM_BUILD_ROOT}
 %attr(755, root, root) %{_bindir}/da-tool-analysis
 
 %changelog
+* Tue Nov 14 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-3
+- modify the regular expression of kernel filter
+
 * Mon Nov 13 2023 wangguangge<wangguangge@huawei.com> - v1.3.4-2
 - support kabi check for dnf-hotpatch-plugin