diff options
author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2024-02-26 17:34:53 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-02-27 14:31:36 +0000 |
commit | 4945ca640b893c2251ace915edaa722886fac93f (patch) | |
tree | 7eff3cff0bb19bf98af5226a7d2417faa50943ab /meta | |
parent | f1da2426401ad0aceab9660b5a935decb4d37837 (diff) | |
download | poky-4945ca640b893c2251ace915edaa722886fac93f.tar.gz |
linux-yocto/6.6: update CVE exclusions
Data pulled from: https://github.com/nluedtke/linux_kernel_cves
1/1 [
Author: Nicholas Luedtke
Email: nicholas.luedtke@uwalumni.com
Subject: Update 25Feb24
Date: Sun, 25 Feb 2024 07:03:08 -0500
]
(From OE-Core rev: efa1420085d1671c7e3c9daa1949b36cf1822ed1)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.6.inc | 124 |
1 files changed, 118 insertions, 6 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.6.inc b/meta/recipes-kernel/linux/cve-exclusion_6.6.inc index 0274496da3..723a588429 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.6.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.6.inc | |||
@@ -1,9 +1,9 @@ | |||
1 | 1 | ||
2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. | 2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. |
3 | # Generated at 2024-02-21 00:38:40.167585+00:00 for version 6.6.17 | 3 | # Generated at 2024-02-26 20:14:05.493685+00:00 for version 6.6.18 |
4 | 4 | ||
5 | python check_kernel_cve_status_version() { | 5 | python check_kernel_cve_status_version() { |
6 | this_version = "6.6.17" | 6 | this_version = "6.6.18" |
7 | kernel_version = d.getVar("LINUX_VERSION") | 7 | kernel_version = d.getVar("LINUX_VERSION") |
8 | if kernel_version != this_version: | 8 | if kernel_version != this_version: |
9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) | 9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) |
@@ -5144,6 +5144,70 @@ CVE_STATUS[CVE-2023-5197] = "fixed-version: Fixed from version 6.6rc3" | |||
5144 | 5144 | ||
5145 | CVE_STATUS[CVE-2023-52340] = "fixed-version: Fixed from version 6.3rc1" | 5145 | CVE_STATUS[CVE-2023-52340] = "fixed-version: Fixed from version 6.3rc1" |
5146 | 5146 | ||
5147 | CVE_STATUS[CVE-2023-52429] = "cpe-stable-backport: Backported in 6.6.18" | ||
5148 | |||
5149 | CVE_STATUS[CVE-2023-52433] = "fixed-version: Fixed from version 6.6rc1" | ||
5150 | |||
5151 | CVE_STATUS[CVE-2023-52434] = "cpe-stable-backport: Backported in 6.6.8" | ||
5152 | |||
5153 | CVE_STATUS[CVE-2023-52435] = "cpe-stable-backport: Backported in 6.6.11" | ||
5154 | |||
5155 | CVE_STATUS[CVE-2023-52436] = "cpe-stable-backport: Backported in 6.6.13" | ||
5156 | |||
5157 | CVE_STATUS[CVE-2023-52438] = "cpe-stable-backport: Backported in 6.6.13" | ||
5158 | |||
5159 | CVE_STATUS[CVE-2023-52439] = "cpe-stable-backport: Backported in 6.6.13" | ||
5160 | |||
5161 | CVE_STATUS[CVE-2023-52440] = "fixed-version: Fixed from version 6.6rc1" | ||
5162 | |||
5163 | CVE_STATUS[CVE-2023-52441] = "fixed-version: Fixed from version 6.5rc4" | ||
5164 | |||
5165 | CVE_STATUS[CVE-2023-52442] = "fixed-version: Fixed from version 6.5rc4" | ||
5166 | |||
5167 | CVE_STATUS[CVE-2023-52443] = "cpe-stable-backport: Backported in 6.6.14" | ||
5168 | |||
5169 | CVE_STATUS[CVE-2023-52444] = "cpe-stable-backport: Backported in 6.6.14" | ||
5170 | |||
5171 | CVE_STATUS[CVE-2023-52445] = "cpe-stable-backport: Backported in 6.6.14" | ||
5172 | |||
5173 | CVE_STATUS[CVE-2023-52446] = "cpe-stable-backport: Backported in 6.6.14" | ||
5174 | |||
5175 | CVE_STATUS[CVE-2023-52447] = "cpe-stable-backport: Backported in 6.6.14" | ||
5176 | |||
5177 | CVE_STATUS[CVE-2023-52448] = "cpe-stable-backport: Backported in 6.6.14" | ||
5178 | |||
5179 | CVE_STATUS[CVE-2023-52449] = "cpe-stable-backport: Backported in 6.6.14" | ||
5180 | |||
5181 | CVE_STATUS[CVE-2023-52450] = "cpe-stable-backport: Backported in 6.6.14" | ||
5182 | |||
5183 | CVE_STATUS[CVE-2023-52451] = "cpe-stable-backport: Backported in 6.6.14" | ||
5184 | |||
5185 | CVE_STATUS[CVE-2023-52452] = "cpe-stable-backport: Backported in 6.6.14" | ||
5186 | |||
5187 | CVE_STATUS[CVE-2023-52453] = "cpe-stable-backport: Backported in 6.6.14" | ||
5188 | |||
5189 | CVE_STATUS[CVE-2023-52454] = "cpe-stable-backport: Backported in 6.6.14" | ||
5190 | |||
5191 | CVE_STATUS[CVE-2023-52455] = "cpe-stable-backport: Backported in 6.6.14" | ||
5192 | |||
5193 | CVE_STATUS[CVE-2023-52456] = "cpe-stable-backport: Backported in 6.6.14" | ||
5194 | |||
5195 | CVE_STATUS[CVE-2023-52457] = "cpe-stable-backport: Backported in 6.6.14" | ||
5196 | |||
5197 | CVE_STATUS[CVE-2023-52458] = "cpe-stable-backport: Backported in 6.6.14" | ||
5198 | |||
5199 | CVE_STATUS[CVE-2023-52459] = "cpe-stable-backport: Backported in 6.6.14" | ||
5200 | |||
5201 | CVE_STATUS[CVE-2023-52460] = "fixed-version: only affects 6.7rc1 onwards" | ||
5202 | |||
5203 | CVE_STATUS[CVE-2023-52461] = "fixed-version: only affects 6.7rc1 onwards" | ||
5204 | |||
5205 | CVE_STATUS[CVE-2023-52462] = "cpe-stable-backport: Backported in 6.6.14" | ||
5206 | |||
5207 | CVE_STATUS[CVE-2023-52463] = "cpe-stable-backport: Backported in 6.6.14" | ||
5208 | |||
5209 | CVE_STATUS[CVE-2023-52464] = "cpe-stable-backport: Backported in 6.6.14" | ||
5210 | |||
5147 | CVE_STATUS[CVE-2023-5345] = "fixed-version: Fixed from version 6.6rc4" | 5211 | CVE_STATUS[CVE-2023-5345] = "fixed-version: Fixed from version 6.6rc4" |
5148 | 5212 | ||
5149 | CVE_STATUS[CVE-2023-5633] = "fixed-version: Fixed from version 6.6rc6" | 5213 | CVE_STATUS[CVE-2023-5633] = "fixed-version: Fixed from version 6.6rc6" |
@@ -5234,6 +5298,8 @@ CVE_STATUS[CVE-2024-1085] = "cpe-stable-backport: Backported in 6.6.14" | |||
5234 | 5298 | ||
5235 | CVE_STATUS[CVE-2024-1086] = "cpe-stable-backport: Backported in 6.6.15" | 5299 | CVE_STATUS[CVE-2024-1086] = "cpe-stable-backport: Backported in 6.6.15" |
5236 | 5300 | ||
5301 | CVE_STATUS[CVE-2024-1151] = "cpe-stable-backport: Backported in 6.6.18" | ||
5302 | |||
5237 | CVE_STATUS[CVE-2024-1312] = "fixed-version: Fixed from version 6.5rc4" | 5303 | CVE_STATUS[CVE-2024-1312] = "fixed-version: Fixed from version 6.5rc4" |
5238 | 5304 | ||
5239 | # CVE-2024-21803 has no known resolution | 5305 | # CVE-2024-21803 has no known resolution |
@@ -5252,11 +5318,11 @@ CVE_STATUS[CVE-2024-22705] = "cpe-stable-backport: Backported in 6.6.10" | |||
5252 | 5318 | ||
5253 | CVE_STATUS[CVE-2024-23849] = "cpe-stable-backport: Backported in 6.6.15" | 5319 | CVE_STATUS[CVE-2024-23849] = "cpe-stable-backport: Backported in 6.6.15" |
5254 | 5320 | ||
5255 | # CVE-2024-23850 has no known resolution | 5321 | CVE_STATUS[CVE-2024-23850] = "cpe-stable-backport: Backported in 6.6.18" |
5256 | 5322 | ||
5257 | # CVE-2024-23851 has no known resolution | 5323 | CVE_STATUS[CVE-2024-23851] = "cpe-stable-backport: Backported in 6.6.18" |
5258 | 5324 | ||
5259 | # CVE-2024-24855 has no known resolution | 5325 | CVE_STATUS[CVE-2024-24855] = "fixed-version: Fixed from version 6.5rc2" |
5260 | 5326 | ||
5261 | # CVE-2024-24857 has no known resolution | 5327 | # CVE-2024-24857 has no known resolution |
5262 | 5328 | ||
@@ -5264,9 +5330,55 @@ CVE_STATUS[CVE-2024-23849] = "cpe-stable-backport: Backported in 6.6.15" | |||
5264 | 5330 | ||
5265 | # CVE-2024-24859 has no known resolution | 5331 | # CVE-2024-24859 has no known resolution |
5266 | 5332 | ||
5267 | # CVE-2024-24860 has no known resolution | 5333 | CVE_STATUS[CVE-2024-24860] = "cpe-stable-backport: Backported in 6.6.14" |
5268 | 5334 | ||
5269 | # CVE-2024-24861 has no known resolution | 5335 | # CVE-2024-24861 has no known resolution |
5270 | 5336 | ||
5271 | # CVE-2024-24864 has no known resolution | 5337 | # CVE-2024-24864 has no known resolution |
5272 | 5338 | ||
5339 | # CVE-2024-25739 has no known resolution | ||
5340 | |||
5341 | # CVE-2024-25740 has no known resolution | ||
5342 | |||
5343 | # CVE-2024-25741 has no known resolution | ||
5344 | |||
5345 | CVE_STATUS[CVE-2024-25744] = "cpe-stable-backport: Backported in 6.6.7" | ||
5346 | |||
5347 | CVE_STATUS[CVE-2024-26581] = "cpe-stable-backport: Backported in 6.6.17" | ||
5348 | |||
5349 | CVE_STATUS[CVE-2024-26582] = "cpe-stable-backport: Backported in 6.6.18" | ||
5350 | |||
5351 | CVE_STATUS[CVE-2024-26583] = "cpe-stable-backport: Backported in 6.6.18" | ||
5352 | |||
5353 | CVE_STATUS[CVE-2024-26584] = "cpe-stable-backport: Backported in 6.6.18" | ||
5354 | |||
5355 | CVE_STATUS[CVE-2024-26585] = "cpe-stable-backport: Backported in 6.6.18" | ||
5356 | |||
5357 | CVE_STATUS[CVE-2024-26586] = "cpe-stable-backport: Backported in 6.6.14" | ||
5358 | |||
5359 | CVE_STATUS[CVE-2024-26587] = "cpe-stable-backport: Backported in 6.6.14" | ||
5360 | |||
5361 | CVE_STATUS[CVE-2024-26588] = "cpe-stable-backport: Backported in 6.6.14" | ||
5362 | |||
5363 | CVE_STATUS[CVE-2024-26589] = "cpe-stable-backport: Backported in 6.6.14" | ||
5364 | |||
5365 | CVE_STATUS[CVE-2024-26590] = "cpe-stable-backport: Backported in 6.6.14" | ||
5366 | |||
5367 | CVE_STATUS[CVE-2024-26591] = "cpe-stable-backport: Backported in 6.6.14" | ||
5368 | |||
5369 | CVE_STATUS[CVE-2024-26592] = "cpe-stable-backport: Backported in 6.6.14" | ||
5370 | |||
5371 | CVE_STATUS[CVE-2024-26593] = "cpe-stable-backport: Backported in 6.6.18" | ||
5372 | |||
5373 | CVE_STATUS[CVE-2024-26594] = "cpe-stable-backport: Backported in 6.6.14" | ||
5374 | |||
5375 | CVE_STATUS[CVE-2024-26595] = "cpe-stable-backport: Backported in 6.6.14" | ||
5376 | |||
5377 | # CVE-2024-26596 needs backporting (fixed from 6.8rc1) | ||
5378 | |||
5379 | CVE_STATUS[CVE-2024-26597] = "cpe-stable-backport: Backported in 6.6.14" | ||
5380 | |||
5381 | CVE_STATUS[CVE-2024-26598] = "cpe-stable-backport: Backported in 6.6.14" | ||
5382 | |||
5383 | CVE_STATUS[CVE-2024-26599] = "cpe-stable-backport: Backported in 6.6.14" | ||
5384 | |||