diff options
| author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2024-01-19 16:14:17 -0500 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-01-22 13:39:22 +0000 |
| commit | 7c54332e05383d5dc1c75039c9d48cf6c74d3544 (patch) | |
| tree | 6702b8a697fcea113959e5f7c456bbb5f5d8c8a9 /meta/recipes-kernel | |
| parent | d478043f67f97a1c96a9ab6c2b4139c6eb0e711e (diff) | |
| download | poky-7c54332e05383d5dc1c75039c9d48cf6c74d3544.tar.gz | |
linux-yocto/6.6: update CVE exclusions
Data pulled from: https://github.com/nluedtke/linux_kernel_cves
1/1 [
Author: Nicholas Luedtke
Email: nicholas.luedtke@uwalumni.com
Subject: Update 15Jan24
Date: Mon, 15 Jan 2024 12:48:45 -0500
]
(From OE-Core rev: 2c6dbaef795e65a94c7f3ac54be5d0414e5e213c)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-kernel')
| -rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.6.inc | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.6.inc b/meta/recipes-kernel/linux/cve-exclusion_6.6.inc index 2b74d3585d..3a4451b6f8 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.6.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.6.inc | |||
| @@ -1,9 +1,9 @@ | |||
| 1 | 1 | ||
| 2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. | 2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. |
| 3 | # Generated at 2024-01-11 15:23:15.711210+00:00 for version 6.6.11 | 3 | # Generated at 2024-01-18 21:07:26.764606+00:00 for version 6.6.12 |
| 4 | 4 | ||
| 5 | python check_kernel_cve_status_version() { | 5 | python check_kernel_cve_status_version() { |
| 6 | this_version = "6.6.11" | 6 | this_version = "6.6.12" |
| 7 | kernel_version = d.getVar("LINUX_VERSION") | 7 | kernel_version = d.getVar("LINUX_VERSION") |
| 8 | if kernel_version != this_version: | 8 | if kernel_version != this_version: |
| 9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) | 9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) |
| @@ -4584,6 +4584,8 @@ CVE_STATUS[CVE-2022-48425] = "fixed-version: Fixed from version 6.4rc1" | |||
| 4584 | 4584 | ||
| 4585 | CVE_STATUS[CVE-2022-48502] = "fixed-version: Fixed from version 6.2rc1" | 4585 | CVE_STATUS[CVE-2022-48502] = "fixed-version: Fixed from version 6.2rc1" |
| 4586 | 4586 | ||
| 4587 | CVE_STATUS[CVE-2022-48619] = "fixed-version: Fixed from version 5.18rc1" | ||
| 4588 | |||
| 4587 | CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1" | 4589 | CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1" |
| 4588 | 4590 | ||
| 4589 | CVE_STATUS[CVE-2023-0045] = "fixed-version: Fixed from version 6.2rc3" | 4591 | CVE_STATUS[CVE-2023-0045] = "fixed-version: Fixed from version 6.2rc3" |
| @@ -4666,6 +4668,8 @@ CVE_STATUS[CVE-2023-1382] = "fixed-version: Fixed from version 6.1rc7" | |||
| 4666 | 4668 | ||
| 4667 | CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4" | 4669 | CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4" |
| 4668 | 4670 | ||
| 4671 | # CVE-2023-1476 has no known resolution | ||
| 4672 | |||
| 4669 | CVE_STATUS[CVE-2023-1513] = "fixed-version: Fixed from version 6.2" | 4673 | CVE_STATUS[CVE-2023-1513] = "fixed-version: Fixed from version 6.2" |
| 4670 | 4674 | ||
| 4671 | CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4" | 4675 | CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4" |
| @@ -5114,7 +5118,7 @@ CVE_STATUS[CVE-2023-5090] = "fixed-version: Fixed from version 6.6rc7" | |||
| 5114 | 5118 | ||
| 5115 | CVE_STATUS[CVE-2023-5158] = "fixed-version: Fixed from version 6.6rc5" | 5119 | CVE_STATUS[CVE-2023-5158] = "fixed-version: Fixed from version 6.6rc5" |
| 5116 | 5120 | ||
| 5117 | # CVE-2023-51779 needs backporting (fixed from 6.7rc7) | 5121 | CVE_STATUS[CVE-2023-51779] = "cpe-stable-backport: Backported in 6.6.9" |
| 5118 | 5122 | ||
| 5119 | CVE_STATUS[CVE-2023-5178] = "fixed-version: Fixed from version 6.6rc7" | 5123 | CVE_STATUS[CVE-2023-5178] = "fixed-version: Fixed from version 6.6rc7" |
| 5120 | 5124 | ||
| @@ -5136,6 +5140,8 @@ CVE_STATUS[CVE-2023-5972] = "fixed-version: Fixed from version 6.6rc7" | |||
| 5136 | 5140 | ||
| 5137 | CVE_STATUS[CVE-2023-6039] = "fixed-version: Fixed from version 6.5rc5" | 5141 | CVE_STATUS[CVE-2023-6039] = "fixed-version: Fixed from version 6.5rc5" |
| 5138 | 5142 | ||
| 5143 | CVE_STATUS[CVE-2023-6040] = "fixed-version: Fixed from version 5.18rc1" | ||
| 5144 | |||
| 5139 | CVE_STATUS[CVE-2023-6111] = "cpe-stable-backport: Backported in 6.6.3" | 5145 | CVE_STATUS[CVE-2023-6111] = "cpe-stable-backport: Backported in 6.6.3" |
| 5140 | 5146 | ||
| 5141 | CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.6.4" | 5147 | CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.6.4" |
| @@ -5144,8 +5150,12 @@ CVE_STATUS[CVE-2023-6176] = "fixed-version: Fixed from version 6.6rc2" | |||
| 5144 | 5150 | ||
| 5145 | # CVE-2023-6238 has no known resolution | 5151 | # CVE-2023-6238 has no known resolution |
| 5146 | 5152 | ||
| 5153 | # CVE-2023-6270 has no known resolution | ||
| 5154 | |||
| 5147 | # CVE-2023-6356 has no known resolution | 5155 | # CVE-2023-6356 has no known resolution |
| 5148 | 5156 | ||
| 5157 | CVE_STATUS[CVE-2023-6531] = "cpe-stable-backport: Backported in 6.6.7" | ||
| 5158 | |||
| 5149 | # CVE-2023-6535 has no known resolution | 5159 | # CVE-2023-6535 has no known resolution |
| 5150 | 5160 | ||
| 5151 | # CVE-2023-6536 has no known resolution | 5161 | # CVE-2023-6536 has no known resolution |
| @@ -5154,13 +5164,13 @@ CVE_STATUS[CVE-2023-6546] = "fixed-version: Fixed from version 6.5rc7" | |||
| 5154 | 5164 | ||
| 5155 | CVE_STATUS[CVE-2023-6560] = "cpe-stable-backport: Backported in 6.6.5" | 5165 | CVE_STATUS[CVE-2023-6560] = "cpe-stable-backport: Backported in 6.6.5" |
| 5156 | 5166 | ||
| 5157 | # CVE-2023-6606 needs backporting (fixed from 6.7rc7) | 5167 | CVE_STATUS[CVE-2023-6606] = "cpe-stable-backport: Backported in 6.6.9" |
| 5158 | 5168 | ||
| 5159 | # CVE-2023-6610 needs backporting (fixed from 6.7rc7) | 5169 | # CVE-2023-6610 needs backporting (fixed from 6.7rc7) |
| 5160 | 5170 | ||
| 5161 | CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.6.7" | 5171 | CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.6.7" |
| 5162 | 5172 | ||
| 5163 | # CVE-2023-6679 needs backporting (fixed from 6.7rc6) | 5173 | CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards" |
| 5164 | 5174 | ||
| 5165 | CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.6.7" | 5175 | CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.6.7" |
| 5166 | 5176 | ||
| @@ -5170,3 +5180,13 @@ CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.6.5" | |||
| 5170 | 5180 | ||
| 5171 | # CVE-2023-7042 has no known resolution | 5181 | # CVE-2023-7042 has no known resolution |
| 5172 | 5182 | ||
| 5183 | CVE_STATUS[CVE-2023-7192] = "fixed-version: Fixed from version 6.3rc1" | ||
| 5184 | |||
| 5185 | CVE_STATUS[CVE-2024-0193] = "cpe-stable-backport: Backported in 6.6.10" | ||
| 5186 | |||
| 5187 | CVE_STATUS[CVE-2024-0340] = "fixed-version: Fixed from version 6.4rc6" | ||
| 5188 | |||
| 5189 | CVE_STATUS[CVE-2024-0443] = "fixed-version: Fixed from version 6.4rc7" | ||
| 5190 | |||
| 5191 | # Skipping dd=CVE-2023-1476, no affected_versions | ||
| 5192 | |||