diff options
| author | Daniel Turull <daniel.turull@ericsson.com> | 2025-04-26 18:19:29 +0200 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-07-04 07:50:16 -0700 |
| commit | 41d001ba702283c8e87771b2405d1ac7ad27bdd8 (patch) | |
| tree | 8c2247c7d5713b29d4d18cfc177760c521d76621 | |
| parent | 7d19e71c38bd8daa7f0ecf97b6ba09226be7069d (diff) | |
| download | poky-41d001ba702283c8e87771b2405d1ac7ad27bdd8.tar.gz | |
cve-exclusions: correct cve status for 5 entries
In commit 8a7af09feb the CVE_STATUS was copy from the old data
for 6.6 kernel, which had backport information.
Correcting status to when the fix was introduced and adding
references to the fixes.
Fixes: 8a7af09febc28477094de0999ab6321d910811b2
Reported-by: Peter Marko <Peter.Marko@siemens.com>
(From OE-Core rev: cf239892614c0b00feacef6b6e38283832239ad6)
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fc3e32bc4cf79ddce0eb9fa409656de4dc0e00ea)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion.inc | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion.inc b/meta/recipes-kernel/linux/cve-exclusion.inc index 5f96a81bdd..f1b7db44b6 100644 --- a/meta/recipes-kernel/linux/cve-exclusion.inc +++ b/meta/recipes-kernel/linux/cve-exclusion.inc | |||
| @@ -141,12 +141,17 @@ CVE_STATUS[CVE-2023-4155] = "fixed-version: Fixed from version 6.5rc6" | |||
| 141 | 141 | ||
| 142 | CVE_STATUS[CVE-2023-6176] = "fixed-version: Fixed from version 6.6rc2" | 142 | CVE_STATUS[CVE-2023-6176] = "fixed-version: Fixed from version 6.6rc2" |
| 143 | 143 | ||
| 144 | CVE_STATUS[CVE-2023-6270] = "cpe-stable-backport: Backported in 6.6.23" | 144 | # Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f98364e926626c678fb4b9004b75cacf92ff0662 |
| 145 | CVE_STATUS[CVE-2023-6270] = "fixed-version: Fixed from 6.9" | ||
| 145 | 146 | ||
| 146 | CVE_STATUS[CVE-2023-6610] = "cpe-stable-backport: Backported in 6.6.13" | 147 | # Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=567320c46a60a3c39b69aa1df802d753817a3f86 |
| 148 | CVE_STATUS[CVE-2023-6610] = "fixed-version: Fixed from 6.7rc7" | ||
| 147 | 149 | ||
| 148 | CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards" | 150 | #Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=65c95f78917ea6fa7ff189a2c19879c4fe161873 |
| 151 | CVE_STATUS[CVE-2023-6679] = "fixed-version: Fixed from 6.7rc6" | ||
| 149 | 152 | ||
| 150 | CVE_STATUS[CVE-2023-7042] = "cpe-stable-backport: Backported in 6.6.23" | 153 | #Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ad25ee36f00172f7d53242dc77c69fff7ced0755 |
| 154 | CVE_STATUS[CVE-2023-7042] = "fixed-version: Fixed from 6.9rc1" | ||
| 151 | 155 | ||
| 152 | CVE_STATUS[CVE-2024-0193] = "cpe-stable-backport: Backported in 6.6.10" | 156 | #Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a |
| 157 | CVE_STATUS[CVE-2024-0193] = "fixed-version: Fixed from 6.7" | ||