summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@arm.com>2023-10-23 15:05:53 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2023-10-23 15:48:04 +0100
commit0f1651a713092823f74ac8fab4478d7d39b4b789 (patch)
treec809002f55b21f5b6c505224b625275776aa94d0
parenteadd4605daf2c4e164a142516324365bd9d3ccf0 (diff)
downloadpoky-0f1651a713092823f74ac8fab4478d7d39b4b789.tar.gz
linux-yocto: update CVE exclusions
(From OE-Core rev: e586c9ddc86b6d35c651cecd3be22b3e43306ecf) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat
-rw-r--r--meta/recipes-kernel/linux/cve-exclusion_6.1.inc46
-rw-r--r--meta/recipes-kernel/linux/cve-exclusion_6.5.inc40
2 files changed, 77 insertions, 9 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 6af53b0d75..3f708b0cc5 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,6 +1,6 @@
1 1
2# Auto-generated CVE metadata, DO NOT EDIT BY HAND. 2# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
3# Generated at 2023-10-14 12:24:32.747058+00:00 for version 6.1.57 3# Generated at 2023-10-23 14:03:17.479563+00:00 for version 6.1.57
4 4
5python check_kernel_cve_status_version() { 5python check_kernel_cve_status_version() {
6 this_version = "6.1.57" 6 this_version = "6.1.57"
@@ -3354,7 +3354,7 @@ CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed from version 5.9"
3354 3354
3355CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4" 3355CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4"
3356 3356
3357# CVE-2020-27418 has no known resolution 3357CVE_STATUS[CVE-2020-27418] = "fixed-version: Fixed from version 5.6rc5"
3358 3358
3359CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1" 3359CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1"
3360 3360
@@ -4856,7 +4856,7 @@ CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7"
4856 4856
4857# CVE-2023-31084 needs backporting (fixed from 6.4rc3) 4857# CVE-2023-31084 needs backporting (fixed from 6.4rc3)
4858 4858
4859# CVE-2023-31085 has no known resolution 4859CVE_STATUS[CVE-2023-31085] = "cpe-stable-backport: Backported in 6.1.57"
4860 4860
4861CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2" 4861CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2"
4862 4862
@@ -4936,6 +4936,8 @@ CVE_STATUS[CVE-2023-34256] = "cpe-stable-backport: Backported in 6.1.29"
4936 4936
4937CVE_STATUS[CVE-2023-34319] = "cpe-stable-backport: Backported in 6.1.44" 4937CVE_STATUS[CVE-2023-34319] = "cpe-stable-backport: Backported in 6.1.44"
4938 4938
4939CVE_STATUS[CVE-2023-34324] = "cpe-stable-backport: Backported in 6.1.57"
4940
4939CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5" 4941CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5"
4940 4942
4941CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.1.39" 4943CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.1.39"
@@ -5004,6 +5006,16 @@ CVE_STATUS[CVE-2023-3866] = "cpe-stable-backport: Backported in 6.1.36"
5004 5006
5005CVE_STATUS[CVE-2023-3867] = "cpe-stable-backport: Backported in 6.1.40" 5007CVE_STATUS[CVE-2023-3867] = "cpe-stable-backport: Backported in 6.1.40"
5006 5008
5009CVE_STATUS[CVE-2023-39189] = "cpe-stable-backport: Backported in 6.1.54"
5010
5011# CVE-2023-39191 needs backporting (fixed from 6.3rc1)
5012
5013CVE_STATUS[CVE-2023-39192] = "cpe-stable-backport: Backported in 6.1.53"
5014
5015CVE_STATUS[CVE-2023-39193] = "cpe-stable-backport: Backported in 6.1.53"
5016
5017CVE_STATUS[CVE-2023-39194] = "cpe-stable-backport: Backported in 6.1.47"
5018
5007CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.1.42" 5019CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.1.42"
5008 5020
5009# CVE-2023-4010 has no known resolution 5021# CVE-2023-4010 has no known resolution
@@ -5012,6 +5024,8 @@ CVE_STATUS[CVE-2023-4015] = "cpe-stable-backport: Backported in 6.1.43"
5012 5024
5013CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45" 5025CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45"
5014 5026
5027# CVE-2023-40791 needs backporting (fixed from 6.5rc6)
5028
5015CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45" 5029CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45"
5016 5030
5017CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.1.39" 5031CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.1.39"
@@ -5032,7 +5046,7 @@ CVE_STATUS[CVE-2023-4207] = "cpe-stable-backport: Backported in 6.1.45"
5032 5046
5033CVE_STATUS[CVE-2023-4208] = "cpe-stable-backport: Backported in 6.1.45" 5047CVE_STATUS[CVE-2023-4208] = "cpe-stable-backport: Backported in 6.1.45"
5034 5048
5035# CVE-2023-4244 needs backporting (fixed from 6.5rc7) 5049CVE_STATUS[CVE-2023-4244] = "cpe-stable-backport: Backported in 6.1.56"
5036 5050
5037CVE_STATUS[CVE-2023-4273] = "cpe-stable-backport: Backported in 6.1.45" 5051CVE_STATUS[CVE-2023-4273] = "cpe-stable-backport: Backported in 6.1.45"
5038 5052
@@ -5040,8 +5054,12 @@ CVE_STATUS[CVE-2023-42752] = "cpe-stable-backport: Backported in 6.1.53"
5040 5054
5041CVE_STATUS[CVE-2023-42753] = "cpe-stable-backport: Backported in 6.1.53" 5055CVE_STATUS[CVE-2023-42753] = "cpe-stable-backport: Backported in 6.1.53"
5042 5056
5057CVE_STATUS[CVE-2023-42754] = "cpe-stable-backport: Backported in 6.1.56"
5058
5043CVE_STATUS[CVE-2023-42755] = "cpe-stable-backport: Backported in 6.1.55" 5059CVE_STATUS[CVE-2023-42755] = "cpe-stable-backport: Backported in 6.1.55"
5044 5060
5061CVE_STATUS[CVE-2023-42756] = "fixed-version: only affects 6.4rc6 onwards"
5062
5045CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1" 5063CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1"
5046 5064
5047CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18" 5065CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18"
@@ -5050,23 +5068,39 @@ CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed from version 5.18rc3"
5050 5068
5051CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3" 5069CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3"
5052 5070
5071CVE_STATUS[CVE-2023-44466] = "cpe-stable-backport: Backported in 6.1.40"
5072
5053CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18" 5073CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18"
5054 5074
5055# CVE-2023-4563 needs backporting (fixed from 6.5rc6) 5075CVE_STATUS[CVE-2023-4563] = "cpe-stable-backport: Backported in 6.1.56"
5056 5076
5057CVE_STATUS[CVE-2023-4569] = "cpe-stable-backport: Backported in 6.1.47" 5077CVE_STATUS[CVE-2023-4569] = "cpe-stable-backport: Backported in 6.1.47"
5058 5078
5079CVE_STATUS[CVE-2023-45862] = "cpe-stable-backport: Backported in 6.1.18"
5080
5081CVE_STATUS[CVE-2023-45863] = "cpe-stable-backport: Backported in 6.1.16"
5082
5083CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53"
5084
5085# CVE-2023-45898 needs backporting (fixed from 6.6rc1)
5086
5087# CVE-2023-4610 has no known resolution
5088
5059CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" 5089CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
5060 5090
5061# CVE-2023-4622 needs backporting (fixed from 6.5rc1) 5091# CVE-2023-4622 needs backporting (fixed from 6.5rc1)
5062 5092
5063CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.1.53" 5093CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.1.53"
5064 5094
5095CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1"
5096
5065CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54" 5097CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54"
5066 5098
5067CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54" 5099CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54"
5068 5100
5069# CVE-2023-5158 has no known resolution 5101# CVE-2023-5158 has no known resolution
5070 5102
5071# CVE-2023-5197 needs backporting (fixed from 6.6rc3) 5103CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56"
5104
5105CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56"
5072 5106
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc
index dbcfdcd31c..69cf790844 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc
@@ -1,6 +1,6 @@
1 1
2# Auto-generated CVE metadata, DO NOT EDIT BY HAND. 2# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
3# Generated at 2023-10-14 12:24:32.683888+00:00 for version 6.5.7 3# Generated at 2023-10-23 14:03:24.529766+00:00 for version 6.5.7
4 4
5python check_kernel_cve_status_version() { 5python check_kernel_cve_status_version() {
6 this_version = "6.5.7" 6 this_version = "6.5.7"
@@ -3354,7 +3354,7 @@ CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed from version 5.9"
3354 3354
3355CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4" 3355CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4"
3356 3356
3357# CVE-2020-27418 has no known resolution 3357CVE_STATUS[CVE-2020-27418] = "fixed-version: Fixed from version 5.6rc5"
3358 3358
3359CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1" 3359CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1"
3360 3360
@@ -4856,7 +4856,7 @@ CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7"
4856 4856
4857CVE_STATUS[CVE-2023-31084] = "fixed-version: Fixed from version 6.4rc3" 4857CVE_STATUS[CVE-2023-31084] = "fixed-version: Fixed from version 6.4rc3"
4858 4858
4859# CVE-2023-31085 has no known resolution 4859# CVE-2023-31085 needs backporting (fixed from 6.6rc5)
4860 4860
4861CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2" 4861CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2"
4862 4862
@@ -4936,6 +4936,8 @@ CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed from version 6.4rc2"
4936 4936
4937CVE_STATUS[CVE-2023-34319] = "fixed-version: Fixed from version 6.5rc6" 4937CVE_STATUS[CVE-2023-34319] = "fixed-version: Fixed from version 6.5rc6"
4938 4938
4939# CVE-2023-34324 needs backporting (fixed from 6.6rc6)
4940
4939CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5" 4941CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5"
4940 4942
4941CVE_STATUS[CVE-2023-35001] = "fixed-version: Fixed from version 6.5rc2" 4943CVE_STATUS[CVE-2023-35001] = "fixed-version: Fixed from version 6.5rc2"
@@ -5004,6 +5006,16 @@ CVE_STATUS[CVE-2023-3866] = "fixed-version: Fixed from version 6.4"
5004 5006
5005CVE_STATUS[CVE-2023-3867] = "fixed-version: Fixed from version 6.5rc1" 5007CVE_STATUS[CVE-2023-3867] = "fixed-version: Fixed from version 6.5rc1"
5006 5008
5009# CVE-2023-39189 needs backporting (fixed from 6.6rc1)
5010
5011CVE_STATUS[CVE-2023-39191] = "fixed-version: Fixed from version 6.3rc1"
5012
5013# CVE-2023-39192 needs backporting (fixed from 6.6rc1)
5014
5015# CVE-2023-39193 needs backporting (fixed from 6.6rc1)
5016
5017CVE_STATUS[CVE-2023-39194] = "fixed-version: Fixed from version 6.5rc7"
5018
5007CVE_STATUS[CVE-2023-4004] = "fixed-version: Fixed from version 6.5rc3" 5019CVE_STATUS[CVE-2023-4004] = "fixed-version: Fixed from version 6.5rc3"
5008 5020
5009# CVE-2023-4010 has no known resolution 5021# CVE-2023-4010 has no known resolution
@@ -5012,6 +5024,8 @@ CVE_STATUS[CVE-2023-4015] = "fixed-version: Fixed from version 6.5rc4"
5012 5024
5013CVE_STATUS[CVE-2023-40283] = "fixed-version: Fixed from version 6.5rc1" 5025CVE_STATUS[CVE-2023-40283] = "fixed-version: Fixed from version 6.5rc1"
5014 5026
5027CVE_STATUS[CVE-2023-40791] = "fixed-version: Fixed from version 6.5rc6"
5028
5015CVE_STATUS[CVE-2023-4128] = "fixed-version: Fixed from version 6.5rc5" 5029CVE_STATUS[CVE-2023-4128] = "fixed-version: Fixed from version 6.5rc5"
5016 5030
5017CVE_STATUS[CVE-2023-4132] = "fixed-version: Fixed from version 6.5rc1" 5031CVE_STATUS[CVE-2023-4132] = "fixed-version: Fixed from version 6.5rc1"
@@ -5040,8 +5054,12 @@ CVE_STATUS[CVE-2023-4273] = "fixed-version: Fixed from version 6.5rc5"
5040 5054
5041# CVE-2023-42753 needs backporting (fixed from 6.6rc1) 5055# CVE-2023-42753 needs backporting (fixed from 6.6rc1)
5042 5056
5057# CVE-2023-42754 needs backporting (fixed from 6.6rc3)
5058
5043CVE_STATUS[CVE-2023-42755] = "fixed-version: Fixed from version 6.3rc1" 5059CVE_STATUS[CVE-2023-42755] = "fixed-version: Fixed from version 6.3rc1"
5044 5060
5061# CVE-2023-42756 needs backporting (fixed from 6.6rc3)
5062
5045CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1" 5063CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1"
5046 5064
5047CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18" 5065CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18"
@@ -5050,18 +5068,32 @@ CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed from version 5.18rc3"
5050 5068
5051CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3" 5069CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3"
5052 5070
5071CVE_STATUS[CVE-2023-44466] = "fixed-version: Fixed from version 6.5rc2"
5072
5053CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18" 5073CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18"
5054 5074
5055CVE_STATUS[CVE-2023-4563] = "fixed-version: Fixed from version 6.5rc6" 5075CVE_STATUS[CVE-2023-4563] = "fixed-version: Fixed from version 6.5rc6"
5056 5076
5057CVE_STATUS[CVE-2023-4569] = "fixed-version: Fixed from version 6.5rc7" 5077CVE_STATUS[CVE-2023-4569] = "fixed-version: Fixed from version 6.5rc7"
5058 5078
5079CVE_STATUS[CVE-2023-45862] = "fixed-version: Fixed from version 6.3rc1"
5080
5081CVE_STATUS[CVE-2023-45863] = "fixed-version: Fixed from version 6.3rc1"
5082
5083# CVE-2023-45871 needs backporting (fixed from 6.6rc1)
5084
5085# CVE-2023-45898 needs backporting (fixed from 6.6rc1)
5086
5087# CVE-2023-4610 has no known resolution
5088
5059CVE_STATUS[CVE-2023-4611] = "fixed-version: Fixed from version 6.5rc4" 5089CVE_STATUS[CVE-2023-4611] = "fixed-version: Fixed from version 6.5rc4"
5060 5090
5061CVE_STATUS[CVE-2023-4622] = "fixed-version: Fixed from version 6.5rc1" 5091CVE_STATUS[CVE-2023-4622] = "fixed-version: Fixed from version 6.5rc1"
5062 5092
5063# CVE-2023-4623 needs backporting (fixed from 6.6rc1) 5093# CVE-2023-4623 needs backporting (fixed from 6.6rc1)
5064 5094
5095CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1"
5096
5065# CVE-2023-4881 needs backporting (fixed from 6.6rc1) 5097# CVE-2023-4881 needs backporting (fixed from 6.6rc1)
5066 5098
5067# CVE-2023-4921 needs backporting (fixed from 6.6rc1) 5099# CVE-2023-4921 needs backporting (fixed from 6.6rc1)
@@ -5070,3 +5102,5 @@ CVE_STATUS[CVE-2023-4622] = "fixed-version: Fixed from version 6.5rc1"
5070 5102
5071# CVE-2023-5197 needs backporting (fixed from 6.6rc3) 5103# CVE-2023-5197 needs backporting (fixed from 6.6rc3)
5072 5104
5105# CVE-2023-5345 needs backporting (fixed from 6.6rc4)
5106
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-10-05 12:27:26 +0000