summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBruce Ashfield <bruce.ashfield@gmail.com>2024-01-19 16:14:19 -0500
committerSteve Sakoman <steve@sakoman.com>2024-01-31 04:10:24 -1000
commit96ceab7e0c8c995605a7776ecd89b2a04b325efd (patch)
tree9bd31cff86aae3c07deee9cf4b89e40265828b7c
parent252dd4cf2516fae5ecae3316e44f67544787df25 (diff)
downloadpoky-96ceab7e0c8c995605a7776ecd89b2a04b325efd.tar.gz
linux-yocto/6.1: update CVE exclusions
Data pulled from: https://github.com/nluedtke/linux_kernel_cves 1/1 [ Author: Nicholas Luedtke Email: nicholas.luedtke@uwalumni.com Subject: Update 15Jan24 Date: Mon, 15 Jan 2024 12:48:45 -0500 ] (From OE-Core rev: dfd3c5c6fbe2cd3b0723879bd2b6574eb59a5860) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 74bf102eb4ae7377527a146e3db1d9ee1da1f2da) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat
-rw-r--r--meta/recipes-kernel/linux/cve-exclusion_6.1.inc34
1 files changed, 27 insertions, 7 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 4183ceab04..45fcc7b260 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,9 +1,9 @@
1 1
2# Auto-generated CVE metadata, DO NOT EDIT BY HAND. 2# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
3# Generated at 2024-01-11 18:31:26.124059+00:00 for version 6.1.72 3# Generated at 2024-01-18 21:10:06.148505+00:00 for version 6.1.73
4 4
5python check_kernel_cve_status_version() { 5python check_kernel_cve_status_version() {
6 this_version = "6.1.72" 6 this_version = "6.1.73"
7 kernel_version = d.getVar("LINUX_VERSION") 7 kernel_version = d.getVar("LINUX_VERSION")
8 if kernel_version != this_version: 8 if kernel_version != this_version:
9 bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) 9 bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4584,6 +4584,8 @@ CVE_STATUS[CVE-2022-48425] = "cpe-stable-backport: Backported in 6.1.33"
4584 4584
4585CVE_STATUS[CVE-2022-48502] = "cpe-stable-backport: Backported in 6.1.40" 4585CVE_STATUS[CVE-2022-48502] = "cpe-stable-backport: Backported in 6.1.40"
4586 4586
4587CVE_STATUS[CVE-2022-48619] = "fixed-version: Fixed from version 5.18rc1"
4588
4587CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1" 4589CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1"
4588 4590
4589CVE_STATUS[CVE-2023-0045] = "cpe-stable-backport: Backported in 6.1.5" 4591CVE_STATUS[CVE-2023-0045] = "cpe-stable-backport: Backported in 6.1.5"
@@ -4644,7 +4646,7 @@ CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16"
4644 4646
4645CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33" 4647CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33"
4646 4648
4647# CVE-2023-1193 needs backporting (fixed from 6.3rc6) 4649CVE_STATUS[CVE-2023-1193] = "cpe-stable-backport: Backported in 6.1.71"
4648 4650
4649CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34" 4651CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34"
4650 4652
@@ -4666,6 +4668,8 @@ CVE_STATUS[CVE-2023-1382] = "fixed-version: Fixed from version 6.1rc7"
4666 4668
4667CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4" 4669CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4"
4668 4670
4671# CVE-2023-1476 has no known resolution
4672
4669CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in 6.1.13" 4673CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in 6.1.13"
4670 4674
4671CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4" 4675CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4"
@@ -5088,7 +5092,7 @@ CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53"
5088 5092
5089CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards" 5093CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards"
5090 5094
5091# CVE-2023-4610 needs backporting (fixed from 6.4) 5095CVE_STATUS[CVE-2023-4610] = "fixed-version: only affects 6.4rc1 onwards"
5092 5096
5093CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" 5097CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
5094 5098
@@ -5112,7 +5116,7 @@ CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62"
5112 5116
5113CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57" 5117CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57"
5114 5118
5115# CVE-2023-51779 needs backporting (fixed from 6.7rc7) 5119CVE_STATUS[CVE-2023-51779] = "cpe-stable-backport: Backported in 6.1.70"
5116 5120
5117CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60" 5121CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60"
5118 5122
@@ -5134,6 +5138,8 @@ CVE_STATUS[CVE-2023-5972] = "fixed-version: only affects 6.2rc1 onwards"
5134 5138
5135# CVE-2023-6039 needs backporting (fixed from 6.5rc5) 5139# CVE-2023-6039 needs backporting (fixed from 6.5rc5)
5136 5140
5141CVE_STATUS[CVE-2023-6040] = "fixed-version: Fixed from version 5.18rc1"
5142
5137CVE_STATUS[CVE-2023-6111] = "fixed-version: only affects 6.6rc3 onwards" 5143CVE_STATUS[CVE-2023-6111] = "fixed-version: only affects 6.6rc3 onwards"
5138 5144
5139CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65" 5145CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65"
@@ -5142,8 +5148,12 @@ CVE_STATUS[CVE-2023-6176] = "cpe-stable-backport: Backported in 6.1.54"
5142 5148
5143# CVE-2023-6238 has no known resolution 5149# CVE-2023-6238 has no known resolution
5144 5150
5151# CVE-2023-6270 has no known resolution
5152
5145# CVE-2023-6356 has no known resolution 5153# CVE-2023-6356 has no known resolution
5146 5154
5155CVE_STATUS[CVE-2023-6531] = "cpe-stable-backport: Backported in 6.1.68"
5156
5147# CVE-2023-6535 has no known resolution 5157# CVE-2023-6535 has no known resolution
5148 5158
5149# CVE-2023-6536 has no known resolution 5159# CVE-2023-6536 has no known resolution
@@ -5152,13 +5162,13 @@ CVE_STATUS[CVE-2023-6546] = "cpe-stable-backport: Backported in 6.1.47"
5152 5162
5153# CVE-2023-6560 needs backporting (fixed from 6.7rc4) 5163# CVE-2023-6560 needs backporting (fixed from 6.7rc4)
5154 5164
5155# CVE-2023-6606 needs backporting (fixed from 6.7rc7) 5165CVE_STATUS[CVE-2023-6606] = "cpe-stable-backport: Backported in 6.1.70"
5156 5166
5157# CVE-2023-6610 needs backporting (fixed from 6.7rc7) 5167# CVE-2023-6610 needs backporting (fixed from 6.7rc7)
5158 5168
5159CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68" 5169CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68"
5160 5170
5161# CVE-2023-6679 needs backporting (fixed from 6.7rc6) 5171CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
5162 5172
5163CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68" 5173CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68"
5164 5174
@@ -5168,3 +5178,13 @@ CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.1.66"
5168 5178
5169# CVE-2023-7042 has no known resolution 5179# CVE-2023-7042 has no known resolution
5170 5180
5181CVE_STATUS[CVE-2023-7192] = "cpe-stable-backport: Backported in 6.1.18"
5182
5183CVE_STATUS[CVE-2024-0193] = "fixed-version: only affects 6.5rc6 onwards"
5184
5185# CVE-2024-0340 needs backporting (fixed from 6.4rc6)
5186
5187CVE_STATUS[CVE-2024-0443] = "fixed-version: only affects 6.2rc1 onwards"
5188
5189# Skipping dd=CVE-2023-1476, no affected_versions
5190
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-06-14 10:37:09 +0000