diff options
author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2024-01-19 16:14:19 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-01-22 13:39:22 +0000 |
commit | ec31b04c50c3e89244b6c3b37a33d51a1242c761 (patch) | |
tree | 7dc6977fc35faaba241a09a859b04d1bfd4de93c /meta | |
parent | a897e5978c9af069bdf05a94f3ae899df952b47b (diff) | |
download | poky-ec31b04c50c3e89244b6c3b37a33d51a1242c761.tar.gz |
linux-yocto/6.1: update CVE exclusions
Data pulled from: https://github.com/nluedtke/linux_kernel_cves
1/1 [
Author: Nicholas Luedtke
Email: nicholas.luedtke@uwalumni.com
Subject: Update 15Jan24
Date: Mon, 15 Jan 2024 12:48:45 -0500
]
(From OE-Core rev: 74bf102eb4ae7377527a146e3db1d9ee1da1f2da)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 34 |
1 files changed, 27 insertions, 7 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 9e0c5bc49e..04fd2c021d 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc | |||
@@ -1,9 +1,9 @@ | |||
1 | 1 | ||
2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. | 2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. |
3 | # Generated at 2024-01-11 18:31:26.124059+00:00 for version 6.1.72 | 3 | # Generated at 2024-01-18 21:10:06.148505+00:00 for version 6.1.73 |
4 | 4 | ||
5 | python check_kernel_cve_status_version() { | 5 | python check_kernel_cve_status_version() { |
6 | this_version = "6.1.72" | 6 | this_version = "6.1.73" |
7 | kernel_version = d.getVar("LINUX_VERSION") | 7 | kernel_version = d.getVar("LINUX_VERSION") |
8 | if kernel_version != this_version: | 8 | if kernel_version != this_version: |
9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) | 9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) |
@@ -4584,6 +4584,8 @@ CVE_STATUS[CVE-2022-48425] = "cpe-stable-backport: Backported in 6.1.33" | |||
4584 | 4584 | ||
4585 | CVE_STATUS[CVE-2022-48502] = "cpe-stable-backport: Backported in 6.1.40" | 4585 | CVE_STATUS[CVE-2022-48502] = "cpe-stable-backport: Backported in 6.1.40" |
4586 | 4586 | ||
4587 | CVE_STATUS[CVE-2022-48619] = "fixed-version: Fixed from version 5.18rc1" | ||
4588 | |||
4587 | CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1" | 4589 | CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1" |
4588 | 4590 | ||
4589 | CVE_STATUS[CVE-2023-0045] = "cpe-stable-backport: Backported in 6.1.5" | 4591 | CVE_STATUS[CVE-2023-0045] = "cpe-stable-backport: Backported in 6.1.5" |
@@ -4644,7 +4646,7 @@ CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16" | |||
4644 | 4646 | ||
4645 | CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33" | 4647 | CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33" |
4646 | 4648 | ||
4647 | # CVE-2023-1193 needs backporting (fixed from 6.3rc6) | 4649 | CVE_STATUS[CVE-2023-1193] = "cpe-stable-backport: Backported in 6.1.71" |
4648 | 4650 | ||
4649 | CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34" | 4651 | CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34" |
4650 | 4652 | ||
@@ -4666,6 +4668,8 @@ CVE_STATUS[CVE-2023-1382] = "fixed-version: Fixed from version 6.1rc7" | |||
4666 | 4668 | ||
4667 | CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4" | 4669 | CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4" |
4668 | 4670 | ||
4671 | # CVE-2023-1476 has no known resolution | ||
4672 | |||
4669 | CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in 6.1.13" | 4673 | CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in 6.1.13" |
4670 | 4674 | ||
4671 | CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4" | 4675 | CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4" |
@@ -5088,7 +5092,7 @@ CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53" | |||
5088 | 5092 | ||
5089 | CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards" | 5093 | CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards" |
5090 | 5094 | ||
5091 | # CVE-2023-4610 needs backporting (fixed from 6.4) | 5095 | CVE_STATUS[CVE-2023-4610] = "fixed-version: only affects 6.4rc1 onwards" |
5092 | 5096 | ||
5093 | CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" | 5097 | CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" |
5094 | 5098 | ||
@@ -5114,7 +5118,7 @@ CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62" | |||
5114 | 5118 | ||
5115 | CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57" | 5119 | CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57" |
5116 | 5120 | ||
5117 | # CVE-2023-51779 needs backporting (fixed from 6.7rc7) | 5121 | CVE_STATUS[CVE-2023-51779] = "cpe-stable-backport: Backported in 6.1.70" |
5118 | 5122 | ||
5119 | CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60" | 5123 | CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60" |
5120 | 5124 | ||
@@ -5136,6 +5140,8 @@ CVE_STATUS[CVE-2023-5972] = "fixed-version: only affects 6.2rc1 onwards" | |||
5136 | 5140 | ||
5137 | # CVE-2023-6039 needs backporting (fixed from 6.5rc5) | 5141 | # CVE-2023-6039 needs backporting (fixed from 6.5rc5) |
5138 | 5142 | ||
5143 | CVE_STATUS[CVE-2023-6040] = "fixed-version: Fixed from version 5.18rc1" | ||
5144 | |||
5139 | CVE_STATUS[CVE-2023-6111] = "fixed-version: only affects 6.6rc3 onwards" | 5145 | CVE_STATUS[CVE-2023-6111] = "fixed-version: only affects 6.6rc3 onwards" |
5140 | 5146 | ||
5141 | CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65" | 5147 | CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65" |
@@ -5144,8 +5150,12 @@ CVE_STATUS[CVE-2023-6176] = "cpe-stable-backport: Backported in 6.1.54" | |||
5144 | 5150 | ||
5145 | # CVE-2023-6238 has no known resolution | 5151 | # CVE-2023-6238 has no known resolution |
5146 | 5152 | ||
5153 | # CVE-2023-6270 has no known resolution | ||
5154 | |||
5147 | # CVE-2023-6356 has no known resolution | 5155 | # CVE-2023-6356 has no known resolution |
5148 | 5156 | ||
5157 | CVE_STATUS[CVE-2023-6531] = "cpe-stable-backport: Backported in 6.1.68" | ||
5158 | |||
5149 | # CVE-2023-6535 has no known resolution | 5159 | # CVE-2023-6535 has no known resolution |
5150 | 5160 | ||
5151 | # CVE-2023-6536 has no known resolution | 5161 | # CVE-2023-6536 has no known resolution |
@@ -5154,13 +5164,13 @@ CVE_STATUS[CVE-2023-6546] = "cpe-stable-backport: Backported in 6.1.47" | |||
5154 | 5164 | ||
5155 | # CVE-2023-6560 needs backporting (fixed from 6.7rc4) | 5165 | # CVE-2023-6560 needs backporting (fixed from 6.7rc4) |
5156 | 5166 | ||
5157 | # CVE-2023-6606 needs backporting (fixed from 6.7rc7) | 5167 | CVE_STATUS[CVE-2023-6606] = "cpe-stable-backport: Backported in 6.1.70" |
5158 | 5168 | ||
5159 | # CVE-2023-6610 needs backporting (fixed from 6.7rc7) | 5169 | # CVE-2023-6610 needs backporting (fixed from 6.7rc7) |
5160 | 5170 | ||
5161 | CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68" | 5171 | CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68" |
5162 | 5172 | ||
5163 | # CVE-2023-6679 needs backporting (fixed from 6.7rc6) | 5173 | CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards" |
5164 | 5174 | ||
5165 | CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68" | 5175 | CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68" |
5166 | 5176 | ||
@@ -5170,3 +5180,13 @@ CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.1.66" | |||
5170 | 5180 | ||
5171 | # CVE-2023-7042 has no known resolution | 5181 | # CVE-2023-7042 has no known resolution |
5172 | 5182 | ||
5183 | CVE_STATUS[CVE-2023-7192] = "cpe-stable-backport: Backported in 6.1.18" | ||
5184 | |||
5185 | CVE_STATUS[CVE-2024-0193] = "fixed-version: only affects 6.5rc6 onwards" | ||
5186 | |||
5187 | # CVE-2024-0340 needs backporting (fixed from 6.4rc6) | ||
5188 | |||
5189 | CVE_STATUS[CVE-2024-0443] = "fixed-version: only affects 6.2rc1 onwards" | ||
5190 | |||
5191 | # Skipping dd=CVE-2023-1476, no affected_versions | ||
5192 | |||