commit 7939aa03e00e7e48781d405743e2f2d31fca113b
Author: John Helmert III <ajak@gentoo.org>
Date:   Fri Jan 7 01:46:35 2022 -0600

    Add non-usr-merged systemd-coredump to UMH whitelist
    
    Some distributions haven't merged /usr yet, so add the alternative
    path for systemd-coredump.
    
    Signed-off-by: John Helmert III <ajak@gentoo.org>

diff --git a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
index ac2a737..7387135 100644
--- a/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
+++ b/src/modules/exploit_detection/syscalls/p_call_usermodehelper/p_call_usermodehelper.c
@@ -45,6 +45,7 @@ static const char * const p_umh_global[] = {
    "/etc/acpi/events/RadioPower.sh",
    "/etc/acpi/wireless-rtl-ac-dc-power.sh",
    "/lib/systemd/systemd-cgroups-agent",
+   "/lib/systemd/systemd-coredump",
    "/sbin/bridge-stp",
    "/sbin/critical_overtemp",
    "/sbin/drbdadm",