This should be already resolved since a few days. Please update your feed to a recent one and try again.
The most common reason for this is that you have some older kernel packages left behind. The report should include the vulnerable package and the detected version which should help you to identify the packages to see if you need to remove some older ones.
The update to the DSA 4346-1 was done on 31/01/2019 to correct the seen behavior. I’m not sure how often and at which time the update of the GCF/GSF feeds are done so it might be possible that it didn’t arrived in the feed at the time of your scan.