diff options
| author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2025-08-13 16:49:18 -0400 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2025-08-14 10:31:11 +0100 |
| commit | d92219a36ffc29de39fe800113799c0b76856130 (patch) | |
| tree | 150316c56757c29b8d6905af702fbadc247b8abc | |
| parent | b7b2f394844b0e3b5f69748ef86183d64e927191 (diff) | |
| download | poky-d92219a36ffc29de39fe800113799c0b76856130.tar.gz | |
linux-yocto/6.12: update CVE exclusions (6.12.40)
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 4 changes (1 new | 3 updated): - 1 new CVEs: CVE-2025-8126 - 3 updated CVEs: CVE-2025-31952, CVE-2025-31953, CVE-2025-31955
Date: Fri, 25 Jul 2025 02:18:30 +0000
]
(From OE-Core rev: e504bd7a9e908be0937d6fc9f6b9699b0acdc2aa)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.12.inc | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc index e428258bb1..ee2f30b3db 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc | |||
| @@ -1,11 +1,11 @@ | |||
| 1 | 1 | ||
| 2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. | 2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. |
| 3 | # Generated at 2025-07-18 14:17:49.367230+00:00 for kernel version 6.12.39 | 3 | # Generated at 2025-07-25 02:49:32.259439+00:00 for kernel version 6.12.40 |
| 4 | # From linux_kernel_cves cve_2025-07-18_1400Z | 4 | # From linux_kernel_cves cve_2025-07-25_0100Z-1-g854b2f05e2c |
| 5 | 5 | ||
| 6 | 6 | ||
| 7 | python check_kernel_cve_status_version() { | 7 | python check_kernel_cve_status_version() { |
| 8 | this_version = "6.12.39" | 8 | this_version = "6.12.40" |
| 9 | kernel_version = d.getVar("LINUX_VERSION") | 9 | kernel_version = d.getVar("LINUX_VERSION") |
| 10 | if kernel_version != this_version: | 10 | if kernel_version != this_version: |
| 11 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) | 11 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) |
| @@ -12938,7 +12938,7 @@ CVE_STATUS[CVE-2025-22112] = "cpe-stable-backport: Backported in 6.12.35" | |||
| 12938 | 12938 | ||
| 12939 | CVE_STATUS[CVE-2025-22114] = "fixed-version: only affects 6.14 onwards" | 12939 | CVE_STATUS[CVE-2025-22114] = "fixed-version: only affects 6.14 onwards" |
| 12940 | 12940 | ||
| 12941 | # CVE-2025-22115 needs backporting (fixed from 6.15) | 12941 | CVE_STATUS[CVE-2025-22115] = "cpe-stable-backport: Backported in 6.12.40" |
| 12942 | 12942 | ||
| 12943 | # CVE-2025-22116 needs backporting (fixed from 6.15) | 12943 | # CVE-2025-22116 needs backporting (fixed from 6.15) |
| 12944 | 12944 | ||
| @@ -14236,6 +14236,12 @@ CVE_STATUS[CVE-2025-38348] = "cpe-stable-backport: Backported in 6.12.35" | |||
| 14236 | 14236 | ||
| 14237 | CVE_STATUS[CVE-2025-38349] = "cpe-stable-backport: Backported in 6.12.39" | 14237 | CVE_STATUS[CVE-2025-38349] = "cpe-stable-backport: Backported in 6.12.39" |
| 14238 | 14238 | ||
| 14239 | CVE_STATUS[CVE-2025-38350] = "cpe-stable-backport: Backported in 6.12.37" | ||
| 14240 | |||
| 14241 | # CVE-2025-38351 needs backporting (fixed from 6.16rc6) | ||
| 14242 | |||
| 14243 | CVE_STATUS[CVE-2025-38352] = "cpe-stable-backport: Backported in 6.12.34" | ||
| 14244 | |||
| 14239 | CVE_STATUS[CVE-2025-38479] = "cpe-stable-backport: Backported in 6.12.23" | 14245 | CVE_STATUS[CVE-2025-38479] = "cpe-stable-backport: Backported in 6.12.23" |
| 14240 | 14246 | ||
| 14241 | CVE_STATUS[CVE-2025-38575] = "cpe-stable-backport: Backported in 6.12.23" | 14247 | CVE_STATUS[CVE-2025-38575] = "cpe-stable-backport: Backported in 6.12.23" |