diff options
author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2024-01-03 16:24:21 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-01-04 23:47:51 +0000 |
commit | 2a99029835fbd19d7995faedd0da6bb69b53dbf4 (patch) | |
tree | d99da393159651d0444f834229f472b527fa9236 /meta/recipes-kernel | |
parent | 10075b25626b6dedd81639b868a1949e2cddea4e (diff) | |
download | poky-2a99029835fbd19d7995faedd0da6bb69b53dbf4.tar.gz |
linux-yocto/6.1: update CVE exclusions
Data pulled from: https://github.com/nluedtke/linux_kernel_cves
1/1 [
Author: Nicholas Luedtke
Email: nicholas.luedtke@uwalumni.com
Subject: Update 27Dec23
Date: Wed, 27 Dec 2023 19:47:13 -0500
]
(From OE-Core rev: b303a7dd260ad3f6a9e6f1b8099b86efcc8373a9)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-kernel')
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 42 |
1 files changed, 39 insertions, 3 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 3cf11d6daf..8d345831d3 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc | |||
@@ -1,9 +1,9 @@ | |||
1 | 1 | ||
2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. | 2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. |
3 | # Generated at 2023-12-23 08:44:42.304531+00:00 for version 6.1.68 | 3 | # Generated at 2024-01-03 21:24:21.156991+00:00 for version 6.1.70 |
4 | 4 | ||
5 | python check_kernel_cve_status_version() { | 5 | python check_kernel_cve_status_version() { |
6 | this_version = "6.1.68" | 6 | this_version = "6.1.70" |
7 | kernel_version = d.getVar("LINUX_VERSION") | 7 | kernel_version = d.getVar("LINUX_VERSION") |
8 | if kernel_version != this_version: | 8 | if kernel_version != this_version: |
9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) | 9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) |
@@ -5108,12 +5108,22 @@ CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54" | |||
5108 | 5108 | ||
5109 | CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54" | 5109 | CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54" |
5110 | 5110 | ||
5111 | # CVE-2023-50431 has no known resolution | ||
5112 | |||
5111 | CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62" | 5113 | CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62" |
5112 | 5114 | ||
5113 | CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57" | 5115 | CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57" |
5114 | 5116 | ||
5117 | # CVE-2023-51779 needs backporting (fixed from 6.7rc7) | ||
5118 | |||
5115 | CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60" | 5119 | CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60" |
5116 | 5120 | ||
5121 | CVE_STATUS[CVE-2023-51780] = "cpe-stable-backport: Backported in 6.1.69" | ||
5122 | |||
5123 | CVE_STATUS[CVE-2023-51781] = "cpe-stable-backport: Backported in 6.1.69" | ||
5124 | |||
5125 | CVE_STATUS[CVE-2023-51782] = "cpe-stable-backport: Backported in 6.1.69" | ||
5126 | |||
5117 | CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56" | 5127 | CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56" |
5118 | 5128 | ||
5119 | CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56" | 5129 | CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56" |
@@ -5122,7 +5132,7 @@ CVE_STATUS[CVE-2023-5633] = "fixed-version: only affects 6.2 onwards" | |||
5122 | 5132 | ||
5123 | CVE_STATUS[CVE-2023-5717] = "cpe-stable-backport: Backported in 6.1.60" | 5133 | CVE_STATUS[CVE-2023-5717] = "cpe-stable-backport: Backported in 6.1.60" |
5124 | 5134 | ||
5125 | # CVE-2023-5972 needs backporting (fixed from 6.6rc7) | 5135 | CVE_STATUS[CVE-2023-5972] = "fixed-version: only affects 6.2rc1 onwards" |
5126 | 5136 | ||
5127 | # CVE-2023-6039 needs backporting (fixed from 6.5rc5) | 5137 | # CVE-2023-6039 needs backporting (fixed from 6.5rc5) |
5128 | 5138 | ||
@@ -5134,3 +5144,29 @@ CVE_STATUS[CVE-2023-6176] = "cpe-stable-backport: Backported in 6.1.54" | |||
5134 | 5144 | ||
5135 | # CVE-2023-6238 has no known resolution | 5145 | # CVE-2023-6238 has no known resolution |
5136 | 5146 | ||
5147 | # CVE-2023-6356 has no known resolution | ||
5148 | |||
5149 | # CVE-2023-6535 has no known resolution | ||
5150 | |||
5151 | # CVE-2023-6536 has no known resolution | ||
5152 | |||
5153 | CVE_STATUS[CVE-2023-6546] = "cpe-stable-backport: Backported in 6.1.47" | ||
5154 | |||
5155 | # CVE-2023-6560 needs backporting (fixed from 6.7rc4) | ||
5156 | |||
5157 | # CVE-2023-6606 needs backporting (fixed from 6.7rc7) | ||
5158 | |||
5159 | # CVE-2023-6610 needs backporting (fixed from 6.7rc7) | ||
5160 | |||
5161 | CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68" | ||
5162 | |||
5163 | # CVE-2023-6679 needs backporting (fixed from 6.7rc6) | ||
5164 | |||
5165 | CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68" | ||
5166 | |||
5167 | CVE_STATUS[CVE-2023-6931] = "cpe-stable-backport: Backported in 6.1.68" | ||
5168 | |||
5169 | CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.1.66" | ||
5170 | |||
5171 | # CVE-2023-7042 has no known resolution | ||
5172 | |||