diff options
| author | Ross Burton <ross.burton@arm.com> | 2023-08-21 13:11:59 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-08-22 15:13:54 +0100 |
| commit | bedbda856130e838c7945e136ca48f52d96b423c (patch) | |
| tree | cfe8753e571781c18f57726631606052faf36e58 | |
| parent | a105e7d254221b5fdac2594fad30574d4b58c41e (diff) | |
| download | poky-bedbda856130e838c7945e136ca48f52d96b423c.tar.gz | |
linux/cve-exclusions: update CVE_STATUS exclusions
(From OE-Core rev: b499411734d0bf7fa817f214f89717c07186af02)
(From OE-Core rev: 0d8c651ddcdf2dc95a12db52c8f7aa45b986432d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 42 | ||||
| -rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.4.inc | 42 |
2 files changed, 78 insertions, 6 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 2441788008..499785f6d2 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. | 1 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. |
| 2 | # Generated at 2023-08-09 15:51:19.757857 for version 6.1.43 | 2 | # Generated at 2023-08-21 12:41:13.991251 for version 6.1.43 |
| 3 | 3 | ||
| 4 | CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2" | 4 | CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2" |
| 5 | 5 | ||
| @@ -4451,6 +4451,8 @@ CVE_STATUS[CVE-2022-40768] = "fixed-version: Fixed after version 6.1rc1" | |||
| 4451 | 4451 | ||
| 4452 | CVE_STATUS[CVE-2022-4095] = "fixed-version: Fixed after version 6.0rc4" | 4452 | CVE_STATUS[CVE-2022-4095] = "fixed-version: Fixed after version 6.0rc4" |
| 4453 | 4453 | ||
| 4454 | # CVE-2022-40982 has no known resolution | ||
| 4455 | |||
| 4454 | CVE_STATUS[CVE-2022-41218] = "cpe-stable-backport: Backported in 6.1.4" | 4456 | CVE_STATUS[CVE-2022-41218] = "cpe-stable-backport: Backported in 6.1.4" |
| 4455 | 4457 | ||
| 4456 | CVE_STATUS[CVE-2022-41222] = "fixed-version: Fixed after version 5.14rc1" | 4458 | CVE_STATUS[CVE-2022-41222] = "fixed-version: Fixed after version 5.14rc1" |
| @@ -4635,7 +4637,7 @@ CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33" | |||
| 4635 | 4637 | ||
| 4636 | CVE_STATUS[CVE-2023-1195] = "fixed-version: Fixed after version 6.1rc3" | 4638 | CVE_STATUS[CVE-2023-1195] = "fixed-version: Fixed after version 6.1rc3" |
| 4637 | 4639 | ||
| 4638 | # CVE-2023-1206 has no known resolution | 4640 | CVE_STATUS[CVE-2023-1206] = "cpe-stable-backport: Backported in 6.1.43" |
| 4639 | 4641 | ||
| 4640 | CVE_STATUS[CVE-2023-1249] = "fixed-version: Fixed after version 5.18rc1" | 4642 | CVE_STATUS[CVE-2023-1249] = "fixed-version: Fixed after version 5.18rc1" |
| 4641 | 4643 | ||
| @@ -4691,7 +4693,11 @@ CVE_STATUS[CVE-2023-2008] = "fixed-version: Fixed after version 5.19rc4" | |||
| 4691 | 4693 | ||
| 4692 | CVE_STATUS[CVE-2023-2019] = "fixed-version: Fixed after version 6.0rc1" | 4694 | CVE_STATUS[CVE-2023-2019] = "fixed-version: Fixed after version 6.0rc1" |
| 4693 | 4695 | ||
| 4694 | # CVE-2023-20593 has no known resolution | 4696 | # CVE-2023-20569 has no known resolution |
| 4697 | |||
| 4698 | # CVE-2023-20588 has no known resolution | ||
| 4699 | |||
| 4700 | CVE_STATUS[CVE-2023-20593] = "cpe-stable-backport: Backported in 6.1.41" | ||
| 4695 | 4701 | ||
| 4696 | CVE_STATUS[CVE-2023-20928] = "fixed-version: Fixed after version 6.0rc1" | 4702 | CVE_STATUS[CVE-2023-20928] = "fixed-version: Fixed after version 6.0rc1" |
| 4697 | 4703 | ||
| @@ -4709,6 +4715,10 @@ CVE_STATUS[CVE-2023-2124] = "cpe-stable-backport: Backported in 6.1.33" | |||
| 4709 | 4715 | ||
| 4710 | CVE_STATUS[CVE-2023-21255] = "cpe-stable-backport: Backported in 6.1.31" | 4716 | CVE_STATUS[CVE-2023-21255] = "cpe-stable-backport: Backported in 6.1.31" |
| 4711 | 4717 | ||
| 4718 | # CVE-2023-21264 needs backporting (fixed from 6.4rc5) | ||
| 4719 | |||
| 4720 | # CVE-2023-21400 has no known resolution | ||
| 4721 | |||
| 4712 | CVE_STATUS[CVE-2023-2156] = "cpe-stable-backport: Backported in 6.1.26" | 4722 | CVE_STATUS[CVE-2023-2156] = "cpe-stable-backport: Backported in 6.1.26" |
| 4713 | 4723 | ||
| 4714 | CVE_STATUS[CVE-2023-2162] = "cpe-stable-backport: Backported in 6.1.11" | 4724 | CVE_STATUS[CVE-2023-2162] = "cpe-stable-backport: Backported in 6.1.11" |
| @@ -4777,6 +4787,8 @@ CVE_STATUS[CVE-2023-2598] = "fixed-version: only affects 6.3rc1 onwards" | |||
| 4777 | 4787 | ||
| 4778 | # CVE-2023-26242 has no known resolution | 4788 | # CVE-2023-26242 has no known resolution |
| 4779 | 4789 | ||
| 4790 | # CVE-2023-2640 has no known resolution | ||
| 4791 | |||
| 4780 | CVE_STATUS[CVE-2023-26544] = "cpe-stable-backport: Backported in 6.1.3" | 4792 | CVE_STATUS[CVE-2023-26544] = "cpe-stable-backport: Backported in 6.1.3" |
| 4781 | 4793 | ||
| 4782 | CVE_STATUS[CVE-2023-26545] = "cpe-stable-backport: Backported in 6.1.13" | 4794 | CVE_STATUS[CVE-2023-26545] = "cpe-stable-backport: Backported in 6.1.13" |
| @@ -4867,6 +4879,8 @@ CVE_STATUS[CVE-2023-32258] = "cpe-stable-backport: Backported in 6.1.29" | |||
| 4867 | 4879 | ||
| 4868 | CVE_STATUS[CVE-2023-32269] = "cpe-stable-backport: Backported in 6.1.11" | 4880 | CVE_STATUS[CVE-2023-32269] = "cpe-stable-backport: Backported in 6.1.11" |
| 4869 | 4881 | ||
| 4882 | # CVE-2023-32629 has no known resolution | ||
| 4883 | |||
| 4870 | CVE_STATUS[CVE-2023-3268] = "cpe-stable-backport: Backported in 6.1.28" | 4884 | CVE_STATUS[CVE-2023-3268] = "cpe-stable-backport: Backported in 6.1.28" |
| 4871 | 4885 | ||
| 4872 | CVE_STATUS[CVE-2023-3269] = "cpe-stable-backport: Backported in 6.1.37" | 4886 | CVE_STATUS[CVE-2023-3269] = "cpe-stable-backport: Backported in 6.1.37" |
| @@ -4905,6 +4919,8 @@ CVE_STATUS[CVE-2023-34255] = "cpe-stable-backport: Backported in 6.1.33" | |||
| 4905 | 4919 | ||
| 4906 | CVE_STATUS[CVE-2023-34256] = "cpe-stable-backport: Backported in 6.1.29" | 4920 | CVE_STATUS[CVE-2023-34256] = "cpe-stable-backport: Backported in 6.1.29" |
| 4907 | 4921 | ||
| 4922 | # CVE-2023-34319 has no known resolution | ||
| 4923 | |||
| 4908 | CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed after version 5.18rc5" | 4924 | CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed after version 5.18rc5" |
| 4909 | 4925 | ||
| 4910 | CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.1.39" | 4926 | CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.1.39" |
| @@ -4965,3 +4981,23 @@ CVE_STATUS[CVE-2023-38432] = "cpe-stable-backport: Backported in 6.1.36" | |||
| 4965 | 4981 | ||
| 4966 | CVE_STATUS[CVE-2023-3863] = "cpe-stable-backport: Backported in 6.1.39" | 4982 | CVE_STATUS[CVE-2023-3863] = "cpe-stable-backport: Backported in 6.1.39" |
| 4967 | 4983 | ||
| 4984 | CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.1.42" | ||
| 4985 | |||
| 4986 | # CVE-2023-4010 has no known resolution | ||
| 4987 | |||
| 4988 | # CVE-2023-4128 needs backporting (fixed from 6.5rc5) | ||
| 4989 | |||
| 4990 | CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.1.39" | ||
| 4991 | |||
| 4992 | # CVE-2023-4133 needs backporting (fixed from 6.3) | ||
| 4993 | |||
| 4994 | # CVE-2023-4134 needs backporting (fixed from 6.5rc1) | ||
| 4995 | |||
| 4996 | CVE_STATUS[CVE-2023-4147] = "cpe-stable-backport: Backported in 6.1.43" | ||
| 4997 | |||
| 4998 | # CVE-2023-4155 has no known resolution | ||
| 4999 | |||
| 5000 | # CVE-2023-4194 needs backporting (fixed from 6.5rc5) | ||
| 5001 | |||
| 5002 | # CVE-2023-4273 needs backporting (fixed from 6.5rc5) | ||
| 5003 | |||
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc index 98e9ee25a5..b9210724bf 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. | 1 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. |
| 2 | # Generated at 2023-08-09 15:51:30.073765 for version 6.4.9 | 2 | # Generated at 2023-08-21 12:41:33.545124 for version 6.4.9 |
| 3 | 3 | ||
| 4 | CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2" | 4 | CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2" |
| 5 | 5 | ||
| @@ -4451,6 +4451,8 @@ CVE_STATUS[CVE-2022-40768] = "fixed-version: Fixed after version 6.1rc1" | |||
| 4451 | 4451 | ||
| 4452 | CVE_STATUS[CVE-2022-4095] = "fixed-version: Fixed after version 6.0rc4" | 4452 | CVE_STATUS[CVE-2022-4095] = "fixed-version: Fixed after version 6.0rc4" |
| 4453 | 4453 | ||
| 4454 | # CVE-2022-40982 has no known resolution | ||
| 4455 | |||
| 4454 | CVE_STATUS[CVE-2022-41218] = "fixed-version: Fixed after version 6.2rc1" | 4456 | CVE_STATUS[CVE-2022-41218] = "fixed-version: Fixed after version 6.2rc1" |
| 4455 | 4457 | ||
| 4456 | CVE_STATUS[CVE-2022-41222] = "fixed-version: Fixed after version 5.14rc1" | 4458 | CVE_STATUS[CVE-2022-41222] = "fixed-version: Fixed after version 5.14rc1" |
| @@ -4635,7 +4637,7 @@ CVE_STATUS[CVE-2023-1192] = "fixed-version: Fixed after version 6.4rc1" | |||
| 4635 | 4637 | ||
| 4636 | CVE_STATUS[CVE-2023-1195] = "fixed-version: Fixed after version 6.1rc3" | 4638 | CVE_STATUS[CVE-2023-1195] = "fixed-version: Fixed after version 6.1rc3" |
| 4637 | 4639 | ||
| 4638 | # CVE-2023-1206 has no known resolution | 4640 | CVE_STATUS[CVE-2023-1206] = "cpe-stable-backport: Backported in 6.4.8" |
| 4639 | 4641 | ||
| 4640 | CVE_STATUS[CVE-2023-1249] = "fixed-version: Fixed after version 5.18rc1" | 4642 | CVE_STATUS[CVE-2023-1249] = "fixed-version: Fixed after version 5.18rc1" |
| 4641 | 4643 | ||
| @@ -4691,7 +4693,11 @@ CVE_STATUS[CVE-2023-2008] = "fixed-version: Fixed after version 5.19rc4" | |||
| 4691 | 4693 | ||
| 4692 | CVE_STATUS[CVE-2023-2019] = "fixed-version: Fixed after version 6.0rc1" | 4694 | CVE_STATUS[CVE-2023-2019] = "fixed-version: Fixed after version 6.0rc1" |
| 4693 | 4695 | ||
| 4694 | # CVE-2023-20593 has no known resolution | 4696 | # CVE-2023-20569 has no known resolution |
| 4697 | |||
| 4698 | # CVE-2023-20588 has no known resolution | ||
| 4699 | |||
| 4700 | CVE_STATUS[CVE-2023-20593] = "cpe-stable-backport: Backported in 6.4.6" | ||
| 4695 | 4701 | ||
| 4696 | CVE_STATUS[CVE-2023-20928] = "fixed-version: Fixed after version 6.0rc1" | 4702 | CVE_STATUS[CVE-2023-20928] = "fixed-version: Fixed after version 6.0rc1" |
| 4697 | 4703 | ||
| @@ -4709,6 +4715,10 @@ CVE_STATUS[CVE-2023-2124] = "fixed-version: Fixed after version 6.4rc1" | |||
| 4709 | 4715 | ||
| 4710 | CVE_STATUS[CVE-2023-21255] = "fixed-version: Fixed after version 6.4rc4" | 4716 | CVE_STATUS[CVE-2023-21255] = "fixed-version: Fixed after version 6.4rc4" |
| 4711 | 4717 | ||
| 4718 | CVE_STATUS[CVE-2023-21264] = "fixed-version: Fixed after version 6.4rc5" | ||
| 4719 | |||
| 4720 | # CVE-2023-21400 has no known resolution | ||
| 4721 | |||
| 4712 | CVE_STATUS[CVE-2023-2156] = "fixed-version: Fixed after version 6.3" | 4722 | CVE_STATUS[CVE-2023-2156] = "fixed-version: Fixed after version 6.3" |
| 4713 | 4723 | ||
| 4714 | CVE_STATUS[CVE-2023-2162] = "fixed-version: Fixed after version 6.2rc6" | 4724 | CVE_STATUS[CVE-2023-2162] = "fixed-version: Fixed after version 6.2rc6" |
| @@ -4777,6 +4787,8 @@ CVE_STATUS[CVE-2023-2598] = "fixed-version: Fixed after version 6.4rc1" | |||
| 4777 | 4787 | ||
| 4778 | # CVE-2023-26242 has no known resolution | 4788 | # CVE-2023-26242 has no known resolution |
| 4779 | 4789 | ||
| 4790 | # CVE-2023-2640 has no known resolution | ||
| 4791 | |||
| 4780 | CVE_STATUS[CVE-2023-26544] = "fixed-version: Fixed after version 6.2rc1" | 4792 | CVE_STATUS[CVE-2023-26544] = "fixed-version: Fixed after version 6.2rc1" |
| 4781 | 4793 | ||
| 4782 | CVE_STATUS[CVE-2023-26545] = "fixed-version: Fixed after version 6.2" | 4794 | CVE_STATUS[CVE-2023-26545] = "fixed-version: Fixed after version 6.2" |
| @@ -4867,6 +4879,8 @@ CVE_STATUS[CVE-2023-32258] = "fixed-version: Fixed after version 6.4rc1" | |||
| 4867 | 4879 | ||
| 4868 | CVE_STATUS[CVE-2023-32269] = "fixed-version: Fixed after version 6.2rc7" | 4880 | CVE_STATUS[CVE-2023-32269] = "fixed-version: Fixed after version 6.2rc7" |
| 4869 | 4881 | ||
| 4882 | # CVE-2023-32629 has no known resolution | ||
| 4883 | |||
| 4870 | CVE_STATUS[CVE-2023-3268] = "fixed-version: Fixed after version 6.4rc1" | 4884 | CVE_STATUS[CVE-2023-3268] = "fixed-version: Fixed after version 6.4rc1" |
| 4871 | 4885 | ||
| 4872 | CVE_STATUS[CVE-2023-3269] = "cpe-stable-backport: Backported in 6.4.1" | 4886 | CVE_STATUS[CVE-2023-3269] = "cpe-stable-backport: Backported in 6.4.1" |
| @@ -4905,6 +4919,8 @@ CVE_STATUS[CVE-2023-34255] = "fixed-version: Fixed after version 6.4rc1" | |||
| 4905 | 4919 | ||
| 4906 | CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed after version 6.4rc2" | 4920 | CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed after version 6.4rc2" |
| 4907 | 4921 | ||
| 4922 | # CVE-2023-34319 has no known resolution | ||
| 4923 | |||
| 4908 | CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed after version 5.18rc5" | 4924 | CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed after version 5.18rc5" |
| 4909 | 4925 | ||
| 4910 | CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.4.4" | 4926 | CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.4.4" |
| @@ -4965,3 +4981,23 @@ CVE_STATUS[CVE-2023-38432] = "fixed-version: Fixed after version 6.4" | |||
| 4965 | 4981 | ||
| 4966 | CVE_STATUS[CVE-2023-3863] = "cpe-stable-backport: Backported in 6.4.4" | 4982 | CVE_STATUS[CVE-2023-3863] = "cpe-stable-backport: Backported in 6.4.4" |
| 4967 | 4983 | ||
| 4984 | CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.4.7" | ||
| 4985 | |||
| 4986 | # CVE-2023-4010 has no known resolution | ||
| 4987 | |||
| 4988 | # CVE-2023-4128 needs backporting (fixed from 6.5rc5) | ||
| 4989 | |||
| 4990 | CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.4.4" | ||
| 4991 | |||
| 4992 | CVE_STATUS[CVE-2023-4133] = "fixed-version: Fixed after version 6.3" | ||
| 4993 | |||
| 4994 | CVE_STATUS[CVE-2023-4134] = "cpe-stable-backport: Backported in 6.4.4" | ||
| 4995 | |||
| 4996 | CVE_STATUS[CVE-2023-4147] = "cpe-stable-backport: Backported in 6.4.8" | ||
| 4997 | |||
| 4998 | # CVE-2023-4155 has no known resolution | ||
| 4999 | |||
| 5000 | # CVE-2023-4194 needs backporting (fixed from 6.5rc5) | ||
| 5001 | |||
| 5002 | # CVE-2023-4273 needs backporting (fixed from 6.5rc5) | ||
| 5003 | |||