cve-extra-exclusions: add more ignores for 2023 kernel CVEs

All of these CVEs have been fixed in the kernel point release that we currently ship, so ignore them. (From OE-Core rev: 86aee302673146dca10f313d0c70b69d6c4bdc7d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross.burton@arm.com> 2023-06-12 14:10:30 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-06-13 22:16:31 +0100
commit: 52edee5ad3709e68156d8ed2b6aa4b7e4ca7259c (patch)
tree: bdf2368bae5d9917499bdab4eb19e33cf4e7e3b2 /meta/conf
parent: 34d73073a88c111a580e00e7fecf0f3d328c643f (diff)
download: poky-52edee5ad3709e68156d8ed2b6aa4b7e4ca7259c.tar.gz
1 files changed, 52 insertions, 0 deletions
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index ff5d381523..41d751a7ae 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -591,6 +591,10 @@ CVE_CHECK_IGNORE += "CVE-2023-1990"
 # Fixed in 6.1.16
 CVE_CHECK_IGNORE += "CVE-2023-1998"
+# https://www.linuxkernelcves.com/cves/CVE-2023-2002
+# Fixed in 6.1.27
+CVE_CHECK_IGNORE += "CVE-2023-2002"
 # https://www.linuxkernelcves.com/cves/CVE-2023-2156
 # Fixed in 6.1.26
 CVE_CHECK_IGNORE += "CVE-2023-2156"
@@ -598,3 +602,51 @@ CVE_CHECK_IGNORE += "CVE-2023-2156"
 # https://www.linuxkernelcves.com/cves/CVE-2023-2162
 # Fixed in 6.1.11
 CVE_CHECK_IGNORE += "CVE-2023-2162"
+# https://www.linuxkernelcves.com/cves/CVE-2023-2194
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-2194"
+# https://www.linuxkernelcves.com/cves/CVE-2023-2235
+# Fixed with 6.1.21
+CVE_CHECK_IGNORE += "CVE-2023-2235"
+# https://www.linuxkernelcves.com/cves/CVE-2023-28328
+# Fixed with 6.1.2
+CVE_CHECK_IGNORE += "CVE-2023-28328"
+# https://www.linuxkernelcves.com/cves/CVE-2023-2985
+# Fixed in 6.1.16
+CVE_CHECK_IGNORE += "CVE-2023-2985"
+# https://www.linuxkernelcves.com/cves/CVE-2023-28866
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-28866"
+# https://www.linuxkernelcves.com/cves/CVE-2023-30456
+# Fixed with 6.1.21
+CVE_CHECK_IGNORE += "CVE-2023-30456"
+# https://www.linuxkernelcves.com/cves/CVE-2023-30772
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-30772"
+# https://www.linuxkernelcves.com/cves/CVE-2023-31436
+# Fixed with 6.1.26
+CVE_CHECK_IGNORE += "CVE-2023-31436"
+# https://www.linuxkernelcves.com/cves/CVE-2023-32233
+# Fixed with 6.1.28
+CVE_CHECK_IGNORE += "CVE-2023-32233"
+# https://www.linuxkernelcves.com/cves/CVE-2023-33203
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-33203"
+# https://www.linuxkernelcves.com/cves/CVE-2023-33288
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-33288"
+# https://www.linuxkernelcves.com/cves/CVE-2023-34256
+# Fixed in 6.1.29
+CVE_CHECK_IGNORE += "CVE-2023-34256"
author	Ross Burton <ross.burton@arm.com>	2023-06-12 14:10:30 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-06-13 22:16:31 +0100
commit	52edee5ad3709e68156d8ed2b6aa4b7e4ca7259c (patch)
tree	bdf2368bae5d9917499bdab4eb19e33cf4e7e3b2 /meta/conf
parent	34d73073a88c111a580e00e7fecf0f3d328c643f (diff)
download	poky-52edee5ad3709e68156d8ed2b6aa4b7e4ca7259c.tar.gz

diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc index ff5d381523..41d751a7ae 100644 --- a/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -591,6 +591,10 @@ CVE_CHECK_IGNORE += "CVE-2023-1990"
591	# Fixed in 6.1.16	591	# Fixed in 6.1.16
592	CVE_CHECK_IGNORE += "CVE-2023-1998"	592	CVE_CHECK_IGNORE += "CVE-2023-1998"
593		593
		594	# https://www.linuxkernelcves.com/cves/CVE-2023-2002
		595	# Fixed in 6.1.27
		596	CVE_CHECK_IGNORE += "CVE-2023-2002"
		597
594	# https://www.linuxkernelcves.com/cves/CVE-2023-2156	598	# https://www.linuxkernelcves.com/cves/CVE-2023-2156
595	# Fixed in 6.1.26	599	# Fixed in 6.1.26
596	CVE_CHECK_IGNORE += "CVE-2023-2156"	600	CVE_CHECK_IGNORE += "CVE-2023-2156"
@@ -598,3 +602,51 @@ CVE_CHECK_IGNORE += "CVE-2023-2156"
598	# https://www.linuxkernelcves.com/cves/CVE-2023-2162	602	# https://www.linuxkernelcves.com/cves/CVE-2023-2162
599	# Fixed in 6.1.11	603	# Fixed in 6.1.11
600	CVE_CHECK_IGNORE += "CVE-2023-2162"	604	CVE_CHECK_IGNORE += "CVE-2023-2162"
		605
		606	# https://www.linuxkernelcves.com/cves/CVE-2023-2194
		607	# Fixed with 6.1.22
		608	CVE_CHECK_IGNORE += "CVE-2023-2194"
		609
		610	# https://www.linuxkernelcves.com/cves/CVE-2023-2235
		611	# Fixed with 6.1.21
		612	CVE_CHECK_IGNORE += "CVE-2023-2235"
		613
		614	# https://www.linuxkernelcves.com/cves/CVE-2023-28328
		615	# Fixed with 6.1.2
		616	CVE_CHECK_IGNORE += "CVE-2023-28328"
		617
		618	# https://www.linuxkernelcves.com/cves/CVE-2023-2985
		619	# Fixed in 6.1.16
		620	CVE_CHECK_IGNORE += "CVE-2023-2985"
		621
		622	# https://www.linuxkernelcves.com/cves/CVE-2023-28866
		623	# Fixed with 6.1.22
		624	CVE_CHECK_IGNORE += "CVE-2023-28866"
		625
		626	# https://www.linuxkernelcves.com/cves/CVE-2023-30456
		627	# Fixed with 6.1.21
		628	CVE_CHECK_IGNORE += "CVE-2023-30456"
		629
		630	# https://www.linuxkernelcves.com/cves/CVE-2023-30772
		631	# Fixed with 6.1.22
		632	CVE_CHECK_IGNORE += "CVE-2023-30772"
		633
		634	# https://www.linuxkernelcves.com/cves/CVE-2023-31436
		635	# Fixed with 6.1.26
		636	CVE_CHECK_IGNORE += "CVE-2023-31436"
		637
		638	# https://www.linuxkernelcves.com/cves/CVE-2023-32233
		639	# Fixed with 6.1.28
		640	CVE_CHECK_IGNORE += "CVE-2023-32233"
		641
		642	# https://www.linuxkernelcves.com/cves/CVE-2023-33203
		643	# Fixed with 6.1.22
		644	CVE_CHECK_IGNORE += "CVE-2023-33203"
		645
		646	# https://www.linuxkernelcves.com/cves/CVE-2023-33288
		647	# Fixed with 6.1.22
		648	CVE_CHECK_IGNORE += "CVE-2023-33288"
		649
		650	# https://www.linuxkernelcves.com/cves/CVE-2023-34256
		651	# Fixed in 6.1.29
		652	CVE_CHECK_IGNORE += "CVE-2023-34256"