diff options
| author | Yoann Congal <yoann.congal@smile.fr> | 2023-04-23 20:04:18 +0200 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2023-05-10 04:16:50 -1000 |
| commit | 98eb7954c694a63b645524fa0eee3346cd1bfdb5 (patch) | |
| tree | 12e09582a0d652632c7a01a90c5810953ebc028b /meta/conf | |
| parent | ab60045c61ea5f5f8c6b2b2830faf28e6591ce21 (diff) | |
| download | poky-98eb7954c694a63b645524fa0eee3346cd1bfdb5.tar.gz | |
cve-extra-exclusions: linux-yocto: ignore fixed CVE-2023-1652 & CVE-2023-1829
CVE-2023-1652 & CVE-2023-1829 are fixed by all version used by
linux-yocto.
Fixing commits are not referenced by NVD but are referenced by:
* https://www.linuxkernelcves.com
* Debian kernel-sec team
... this should be trust worthy enough.
(From OE-Core rev: 4c395cfd5edd42e81ef7aa89df8be7e9291ea89c)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
(cherry picked from commit 8f9d6c5b0238641313387c139442566752a1d25d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/conf')
| -rw-r--r-- | meta/conf/distro/include/cve-extra-exclusions.inc | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc index 8965a15b37..0ca75bae3e 100644 --- a/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/meta/conf/distro/include/cve-extra-exclusions.inc | |||
| @@ -494,6 +494,25 @@ CVE_CHECK_IGNORE += "CVE-2023-1281" | |||
| 494 | # Backported in version v6.1.13 747ca7c8a0c7bce004709143d1cd6596b79b1deb | 494 | # Backported in version v6.1.13 747ca7c8a0c7bce004709143d1cd6596b79b1deb |
| 495 | CVE_CHECK_IGNORE += "CVE-2023-1513" | 495 | CVE_CHECK_IGNORE += "CVE-2023-1513" |
| 496 | 496 | ||
| 497 | # https://nvd.nist.gov/vuln/detail/CVE-2023-1652 | ||
| 498 | # Patched in kernel since v6.2 e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd | ||
| 499 | # Backported in version v5.15.91 0a27dcd5343026ac0cb168ee63304255372b7a36 | ||
| 500 | # Backported in version v6.1.9 32d5eb95f8f0e362e37c393310b13b9e95404560 | ||
| 501 | # Ref: https://www.linuxkernelcves.com/cves/CVE-2023-1652 | ||
| 502 | # Ref: Debian kernel-sec team: https://salsa.debian.org/kernel-team/kernel-sec/-/blob/1fa77554d4721da54e2df06fa1908a83ba6b1045/retired/CVE-2023-1652 | ||
| 503 | CVE_CHECK_IGNORE += "CVE-2023-1652" | ||
| 504 | |||
| 505 | # https://nvd.nist.gov/vuln/detail/CVE-2023-1829 | ||
| 506 | # Patched in kernel since v6.3-rc1 8c710f75256bb3cf05ac7b1672c82b92c43f3d28 | ||
| 507 | # Backported in version v5.4.235 7a6fb69bbcb21e9ce13bdf18c008c268874f0480 | ||
| 508 | # Backported in version v5.10.173 18c3fa7a7fdbb4d21dafc8a7710ae2c1680930f6 | ||
| 509 | # Backported in version v5.15.100 7c183dc0af472dec33d2c0786a5e356baa8cad19 | ||
| 510 | # Backported in version v6.1.18 3abebc503a5148072052c229c6b04b329a420ecd | ||
| 511 | # Backported in version v6.2.5 372ae77cf11d11fb118cbe2d37def9dd5f826abd | ||
| 512 | # Ref: https://www.linuxkernelcves.com/cves/CVE-2023-1829 | ||
| 513 | # Ref: Debian kernel-sec team : https://salsa.debian.org/kernel-team/kernel-sec/-/blob/1fa77554d4721da54e2df06fa1908a83ba6b1045/active/CVE-2023-1829 | ||
| 514 | CVE_CHECK_IGNORE += "CVE-2023-1829" | ||
| 515 | |||
| 497 | # https://nvd.nist.gov/vuln/detail/CVE-2023-23005 | 516 | # https://nvd.nist.gov/vuln/detail/CVE-2023-23005 |
| 498 | # Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b | 517 | # Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b |
| 499 | # Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee | 518 | # Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee |