summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--meta/conf/distro/include/cve-extra-exclusions.inc212
-rw-r--r--meta/recipes-kernel/linux/cve-exclusion_5.15.inc90
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb3
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb3
-rw-r--r--meta/recipes-kernel/linux/linux-yocto_5.15.bb3
5 files changed, 311 insertions, 0 deletions
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index 8b5f8d49b8..f5d6867ed4 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -78,9 +78,34 @@ CVE_CHECK_IGNORE += "CVE-2018-1000026 CVE-2018-10840 CVE-2018-10876 CVE-2018-108
78CVE_CHECK_IGNORE += "CVE-2019-10126 CVE-2019-14899 CVE-2019-18910 CVE-2019-3016 CVE-2019-3819 CVE-2019-3846 CVE-2019-3887" 78CVE_CHECK_IGNORE += "CVE-2019-10126 CVE-2019-14899 CVE-2019-18910 CVE-2019-3016 CVE-2019-3819 CVE-2019-3846 CVE-2019-3887"
79# 2020 79# 2020
80CVE_CHECK_IGNORE += "CVE-2020-10732 CVE-2020-10742 CVE-2020-16119 CVE-2020-1749 CVE-2020-25672 CVE-2020-27820 CVE-2020-35501 CVE-2020-8834" 80CVE_CHECK_IGNORE += "CVE-2020-10732 CVE-2020-10742 CVE-2020-16119 CVE-2020-1749 CVE-2020-25672 CVE-2020-27820 CVE-2020-35501 CVE-2020-8834"
81
82# https://nvd.nist.gov/vuln/detail/CVE-2020-27784
83# Introduced in version v4.1 b26394bd567e5ebe57ec4dee7fe6cd14023c96e9
84# Patched in kernel since v5.10 e8d5f92b8d30bb4ade76494490c3c065e12411b1
85# Backported in version v5.4.73 e9e791f5c39ab30e374a3b1a9c25ca7ff24988f3
86CVE_CHECK_IGNORE += "CVE-2020-27784"
87
81# 2021 88# 2021
82CVE_CHECK_IGNORE += "CVE-2021-20194 CVE-2021-20226 CVE-2021-20265 CVE-2021-3564 CVE-2021-3743 CVE-2021-3847 CVE-2021-4002 \ 89CVE_CHECK_IGNORE += "CVE-2021-20194 CVE-2021-20226 CVE-2021-20265 CVE-2021-3564 CVE-2021-3743 CVE-2021-3847 CVE-2021-4002 \
83 CVE-2021-4090 CVE-2021-4095 CVE-2021-4197 CVE-2021-4202 CVE-2021-44879 CVE-2021-45402" 90 CVE-2021-4090 CVE-2021-4095 CVE-2021-4197 CVE-2021-4202 CVE-2021-44879 CVE-2021-45402"
91
92# https://nvd.nist.gov/vuln/detail/CVE-2021-3669
93# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
94# Patched in kernel since v5.15 20401d1058f3f841f35a594ac2fc1293710e55b9
95CVE_CHECK_IGNORE += "CVE-2021-3669"
96
97# https://nvd.nist.gov/vuln/detail/CVE-2021-3759
98# Introduced in version v4.5 a9bb7e620efdfd29b6d1c238041173e411670996
99# Patched in kernel since v5.15 18319498fdd4cdf8c1c2c48cd432863b1f915d6f
100# Backported in version v5.4.224 bad83d55134e647a739ebef2082541963f2cbc92
101# Backported in version v5.10.154 836686e1a01d7e2fda6a5a18252243ff30a6e196
102CVE_CHECK_IGNORE += "CVE-2021-3759"
103
104# https://nvd.nist.gov/vuln/detail/CVE-2021-4218
105# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
106# Patched in kernel since v5.8 32927393dc1ccd60fb2bdc05b9e8e88753761469
107CVE_CHECK_IGNORE += "CVE-2021-4218"
108
84# 2022 109# 2022
85CVE_CHECK_IGNORE += "CVE-2022-0185 CVE-2022-0264 CVE-2022-0286 CVE-2022-0330 CVE-2022-0382 CVE-2022-0433 CVE-2022-0435 \ 110CVE_CHECK_IGNORE += "CVE-2022-0185 CVE-2022-0264 CVE-2022-0286 CVE-2022-0330 CVE-2022-0382 CVE-2022-0433 CVE-2022-0435 \
86 CVE-2022-0492 CVE-2022-0494 CVE-2022-0500 CVE-2022-0516 CVE-2022-0617 CVE-2022-0742 CVE-2022-0854 \ 111 CVE-2022-0492 CVE-2022-0494 CVE-2022-0500 CVE-2022-0516 CVE-2022-0617 CVE-2022-0742 CVE-2022-0854 \
@@ -90,6 +115,193 @@ CVE_CHECK_IGNORE += "CVE-2022-0185 CVE-2022-0264 CVE-2022-0286 CVE-2022-0330 CVE
90 CVE-2022-28356 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 CVE-2022-28796 CVE-2022-28893 CVE-2022-29156 \ 115 CVE-2022-28356 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 CVE-2022-28796 CVE-2022-28893 CVE-2022-29156 \
91 CVE-2022-29582 CVE-2022-29968" 116 CVE-2022-29582 CVE-2022-29968"
92 117
118# https://nvd.nist.gov/vuln/detail/CVE-2022-0480
119# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
120# Patched in kernel since v5.15 0f12156dff2862ac54235fc72703f18770769042
121CVE_CHECK_IGNORE += "CVE-2022-0480"
122
123# https://nvd.nist.gov/vuln/detail/CVE-2022-1184
124# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
125# Patched in kernel since v5.19 46c116b920ebec58031f0a78c5ea9599b0d2a371
126# Backported in version v5.4.198 17034d45ec443fb0e3c0e7297f9cd10f70446064
127# Backported in version v5.10.121 da2f05919238c7bdc6e28c79539f55c8355408bb
128# Backported in version v5.15.46 ca17db384762be0ec38373a12460081d22a8b42d
129CVE_CHECK_IGNORE += "CVE-2022-1184"
130
131# https://nvd.nist.gov/vuln/detail/CVE-2022-1462
132# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
133# Patched in kernel since v5.19 a501ab75e7624d133a5a3c7ec010687c8b961d23
134# Backported in version v5.4.208 f7785092cb7f022f59ebdaa181651f7c877df132
135# Backported in version v5.10.134 08afa87f58d83dfe040572ed591b47e8cb9e225c
136# Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29
137CVE_CHECK_IGNORE += "CVE-2022-1462"
138
139# https://nvd.nist.gov/vuln/detail/CVE-2022-2308
140# Introduced in version v5.15 c8a6153b6c59d95c0e091f053f6f180952ade91e
141# Patched in kernel since v6.0 46f8a29272e51b6df7393d58fc5cb8967397ef2b
142# Backported in version v5.15.72 dc248ddf41eab4566e95b1ee2433c8a5134ad94a
143# Backported in version v5.19.14 38d854c4a11c3bbf6a96ea46f14b282670c784ac
144CVE_CHECK_IGNORE += "CVE-2022-2308"
145
146# https://nvd.nist.gov/vuln/detail/CVE-2022-2327
147# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
148# Patched in kernel since v5.10.125 df3f3bb5059d20ef094d6b2f0256c4bf4127a859
149CVE_CHECK_IGNORE += "CVE-2022-2327"
150
151# https://nvd.nist.gov/vuln/detail/CVE-2022-2663
152# Introduced in version v2.6.20 869f37d8e48f3911eb70f38a994feaa8f8380008
153# Patched in kernel since v6.0 0efe125cfb99e6773a7434f3463f7c2fa28f3a43
154# Backported in version v5.4.213 36f7b71f8ad8e4d224b45f7d6ecfeff63b091547
155# Backported in version v5.10.143 e12ce30fe593dd438c5b392290ad7316befc11ca
156# Backported in version v5.15.68 451c9ce1e2fc9b9e40303bef8e5a0dca1a923cc4
157# Backported in version v5.19.9 6cf0609154b2ce8d3ae160e7506ab316400a8d3d
158CVE_CHECK_IGNORE += "CVE-2022-2663"
159
160# https://nvd.nist.gov/vuln/detail/CVE-2022-2785
161# Introduced in version v5.18 b1d18a7574d0df5eb4117c14742baf8bc2b9bb74
162# Patched in kernel since v6.0 86f44fcec22ce2979507742bc53db8400e454f46
163# Backported in version v5.19.4 b429d0b9a7a0f3dddb1f782b72629e6353f292fd
164CVE_CHECK_IGNORE += "CVE-2022-2785"
165
166# https://nvd.nist.gov/vuln/detail/CVE-2022-3176
167# Introduced in version v5.1 221c5eb2338232f7340386de1c43decc32682e58
168# Patched in kernel since v5.17 791f3465c4afde02d7f16cf7424ca87070b69396
169# Backported in version v5.15.65 e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5
170CVE_CHECK_IGNORE += "CVE-2022-3176"
171
172# https://nvd.nist.gov/vuln/detail/CVE-2022-3526
173# Introduced in version v5.13 427f0c8c194b22edcafef1b0a42995ddc5c2227d
174# Patched in kernel since v5.18 e16b859872b87650bb55b12cca5a5fcdc49c1442
175# Backported in version v5.15.35 8f79ce226ad2e9b2ec598de2b9560863b7549d1b
176CVE_CHECK_IGNORE += "CVE-2022-3526"
177
178# https://nvd.nist.gov/vuln/detail/CVE-2022-3621
179# Introduced in version v2.60.30 05fe58fdc10df9ebea04c0eaed57adc47af5c184
180# Patched in kernel since v6.1 21a87d88c2253350e115029f14fe2a10a7e6c856
181# Backported in version v5.4.218 792211333ad77fcea50a44bb7f695783159fc63c
182# Backported in version v5.10.148 3f840480e31495ce674db4a69912882b5ac083f2
183# Backported in version v5.15.74 1e512c65b4adcdbdf7aead052f2162b079cc7f55
184# Backported in version v5.19.16 caf2c6b580433b3d3e413a3d54b8414a94725dcd
185CVE_CHECK_IGNORE += "CVE-2022-3621"
186
187# https://nvd.nist.gov/vuln/detail/CVE-2022-3623
188# Introduced in version v5.1 5480280d3f2d11d47f9be59d49b20a8d7d1b33e8
189# Patched in kernel since v6.1 fac35ba763ed07ba93154c95ffc0c4a55023707f
190# Backported in version v5.4.228 176ba4c19d1bb153aa6baaa61d586e785b7d736c
191# Backported in version v5.10.159 fccee93eb20d72f5390432ecea7f8c16af88c850
192# Backported in version v5.15.78 3a44ae4afaa5318baed3c6e2959f24454e0ae4ff
193# Backported in version v5.19.17 86a913d55c89dd13ba070a87f61a493563e94b54
194CVE_CHECK_IGNORE += "CVE-2022-3623"
195
196# https://nvd.nist.gov/vuln/detail/CVE-2022-3624
197# Introduced in version v6.0 d5410ac7b0baeca91cf73ff5241d35998ecc8c9e
198# Patched in kernel since v6.0 4f5d33f4f798b1c6d92b613f0087f639d9836971
199CVE_CHECK_IGNORE += "CVE-2022-3624"
200
201# https://nvd.nist.gov/vuln/detail/CVE-2022-3625
202# Introduced in version v4.19 45f05def5c44c806f094709f1c9b03dcecdd54f0
203# Patched in kernel since v6.0 6b4db2e528f650c7fb712961aac36455468d5902
204# Backported in version v5.4.211 1ad4ba9341f15412cf86dc6addbb73871a10212f
205# Backported in version v5.10.138 0e28678a770df7989108327cfe86f835d8760c33
206# Backported in version v5.15.63 c4d09fd1e18bac11c2f7cf736048112568687301
207# Backported in version v5.19.4 26bef5616255066268c0e40e1da10cc9b78b82e9
208CVE_CHECK_IGNORE += "CVE-2022-3625"
209
210# https://nvd.nist.gov/vuln/detail/CVE-2022-3629
211# Introduced in version v3.9 d021c344051af91f42c5ba9fdedc176740cbd238
212# Patched in kernel since v6.0 7e97cfed9929eaabc41829c395eb0d1350fccb9d
213# Backported in version v5.4.211 f82f1e2042b397277cd39f16349950f5abade58d
214# Backported in version v5.10.138 38ddccbda5e8b762c8ee06670bb1f64f1be5ee50
215# Backported in version v5.15.63 e4c0428f8a6fc8c218d7fd72bddd163f05b29795
216# Backported in version v5.19.4 8ff5db3c1b3d6797eda5cd326dcd31b9cd1c5f72
217CVE_CHECK_IGNORE += "CVE-2022-3629"
218
219# https://nvd.nist.gov/vuln/detail/CVE-2022-3630
220# Introduced in version v5.19 85e4ea1049c70fb99de5c6057e835d151fb647da
221# Patched in kernel since v6.0 fb24771faf72a2fd62b3b6287af3c610c3ec9cf1
222# Backported in version v5.19.4 7a369dc87b66acc85d0cffcf39984344a203e20b
223CVE_CHECK_IGNORE += "CVE-2022-3630"
224
225# https://nvd.nist.gov/vuln/detail/CVE-2022-3633
226# Introduced in version v5.4 9d71dd0c70099914fcd063135da3c580865e924c
227# Patched in kernel since v6.0 8c21c54a53ab21842f5050fa090f26b03c0313d6
228# Backported in version v5.4.211 04e41b6bacf474f5431491f92e981096e8cc8e93
229# Backported in version v5.10.138 a220ff343396bae8d3b6abee72ab51f1f34b3027
230# Backported in version v5.15.63 98dc8fb08299ab49e0b9c08daedadd2f4de1a2f2
231# Backported in version v5.19.4 a0278dbeaaf7ca60346c62a9add65ae7d62564de
232CVE_CHECK_IGNORE += "CVE-2022-3633"
233
234# https://nvd.nist.gov/vuln/detail/CVE-2022-3635
235# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
236# Patched in kernel since v6.0 3f4093e2bf4673f218c0bf17d8362337c400e77b
237# Backported in version v5.4.211 9a6cbaa50f263b12df18a051b37f3f42f9fb5253
238# Backported in version v5.10.138 a0ae122e9aeccbff75014c4d36d11a9d32e7fb5e
239# Backported in version v5.15.63 a5d7ce086fe942c5ab422fd2c034968a152be4c4
240# Backported in version v5.19.4 af412b252550f9ac36d9add7b013c2a2c3463835
241CVE_CHECK_IGNORE += "CVE-2022-3635"
242
243# https://nvd.nist.gov/vuln/detail/CVE-2022-3636
244# Introduced in version v5.19 33fc42de33278b2b3ec6f3390512987bc29a62b7
245# Patched in kernel since v5.19 17a5f6a78dc7b8db385de346092d7d9f9dc24df6
246# The vulnerability has been introduced and patched in rc1 of v5.19.
247CVE_CHECK_IGNORE += "CVE-2022-3636"
248
249# https://nvd.nist.gov/vuln/detail/CVE-2022-3646
250# Introduced in version v2.6.30 9ff05123e3bfbb1d2b68ba1d9bf1f7d1dffc1453
251# Patched in kernel since v6.1 d0d51a97063db4704a5ef6bc978dddab1636a306
252# Backported in version v5.4.218 b7e409d11db9ce9f8bc05fcdfa24d143f60cd393
253# Backported in version v5.10.148 aad4c997857f1d4b6c1e296c07e4729d3f8058ee
254# Backported in version v5.15.74 44b1ee304bac03f1b879be5afe920e3a844e40fc
255# Backported in version v5.19.16 4755fcd844240857b525f6e8d8b65ee140fe9570
256CVE_CHECK_IGNORE += "CVE-2022-3646"
257
258# https://nvd.nist.gov/vuln/detail/CVE-2022-3649
259# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
260# Patched in kernel since v6.1 d325dc6eb763c10f591c239550b8c7e5466a5d09
261# Backported in version v5.4.220 d1c2d820a2cd73867b7d352e89e92fb3ac29e926
262# Backported in version v5.10.148 21ee3cffed8fbabb669435facfd576ba18ac8652
263# Backported in version v5.15.74 cb602c2b654e26763226d8bd27a702f79cff4006
264# Backported in version v5.19.16 394b2571e9a74ddaed55aa9c4d0f5772f81c21e4
265CVE_CHECK_IGNORE += "CVE-2022-3649"
266
267# https://nvd.nist.gov/vuln/detail/CVE-2022-26365
268# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
269# Patched in kernel since v5.19 2f446ffe9d737e9a844b97887919c4fda18246e7
270# Backported in version v5.4.204 42112e8f94617d83943f8f3b8de2b66041905506
271# Backported in version v5.10.129 cfea428030be836d79a7690968232bb7fa4410f1
272# Backported in version v5.15.53 7ed65a4ad8fa9f40bc3979b32c54243d6a684ec9
273CVE_CHECK_IGNORE += "CVE-2022-26365"
274
275# https://nvd.nist.gov/vuln/detail/CVE-2022-33740
276# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
277# Patched in kernel since v5.19 307c8de2b02344805ebead3440d8feed28f2f010
278# Backported in version v5.4.204 04945b5beb73019145ac17a2565526afa7293c14
279# Backported in version v5.10.129 728d68bfe68d92eae1407b8a9edc7817d6227404
280# Backported in version v5.15.53 5dd0993c36832d33820238fc8dc741ba801b7961
281CVE_CHECK_IGNORE += "CVE-2022-33740"
282
283# https://nvd.nist.gov/vuln/detail/CVE-2022-33741
284# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
285# Patched in kernel since v5.19 4491001c2e0fa69efbb748c96ec96b100a5cdb7e
286# Backported in version v5.4.204 ede57be88a5fff42cd00e6bcd071503194d398dd
287# Backported in version v5.10.129 4923217af5742a796821272ee03f8d6de15c0cca
288# Backported in version v5.15.53 ed3cfc690675d852c3416aedb271e0e7d179bf49
289CVE_CHECK_IGNORE += "CVE-2022-33741"
290
291# https://nvd.nist.gov/vuln/detail/CVE-2022-33742
292# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
293# Patched in kernel since v5.19 2400617da7eebf9167d71a46122828bc479d64c9
294# Backported in version v5.4.204 60ac50daad36ef3fe9d70d89cfe3b95d381db997
295# Backported in version v5.10.129 cbbd2d2531539212ff090aecbea9877c996e6ce6
296# Backported in version v5.15.53 6d0a9127279a4533815202e30ad1b3a39f560ba3
297CVE_CHECK_IGNORE += "CVE-2022-33742"
298
299
300# Wrong CPE in NVD database
301# https://nvd.nist.gov/vuln/detail/CVE-2022-3563
302# https://nvd.nist.gov/vuln/detail/CVE-2022-3637
303# Those issue do not affect the kernel, patchs listed on CVE pages links to https://git.kernel.org/pub/scm/bluetooth/bluez.git
304CVE_CHECK_IGNORE += "CVE-2022-3563 CVE-2022-3637"
93 305
94# qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255 306# qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255
95# There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html 307# There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html
diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc
new file mode 100644
index 0000000000..53d5379046
--- /dev/null
+++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc
@@ -0,0 +1,90 @@
1# CVE exclusions specific to version 5.15 of the kernel.
2
3# 2021
4# https://nvd.nist.gov/vuln/detail/CVE-2022-3435
5# Introduced in version v5.18 6bf92d70e690b7ff12b24f4bfff5e5434d019b82
6# Breaking commit backported in v5.4.189 f5064531c23ad646da7be8b938292b00a7e61438
7# Breaking commit backported in v5.10.111 63ea57478aaa3e06a597081a0f537318fc04e49f
8# Breaking commit backported in v5.15.34 907c97986d6fa77318d17659dd76c94b65dd27c5
9# Patched in kernel since v6.1 61b91eb33a69c3be11b259c5ea484505cd79f883
10# Backported in version v5.4.226 cc3cd130ecfb8b0ae52e235e487bae3f16a24a32
11# Backported in version v5.10.158 0b5394229ebae09afc07aabccb5ffd705ffd250e
12# Backported in version v5.15.82 25174d91e4a32a24204060d283bd5fa6d0ddf133
13CVE_CHECK_IGNORE += "CVE-2022-3435"
14
15# https://nvd.nist.gov/vuln/detail/CVE-2022-3534
16# Introduced in version v5.10 919d2b1dbb074d438027135ba644411931179a59
17# Patched in kernel since v6.2 93c660ca40b5d2f7c1b1626e955a8e9fa30e0749
18# Backported in version v5.10.163 c61650b869e0b6fb0c0a28ed42d928eea969afc8
19# Backported in version v5.15.86 a733bf10198eb5bb927890940de8ab457491ed3b
20# Backported in version v6.1.2 fbe08093fb2334549859829ef81d42570812597d
21CVE_CHECK_IGNORE += "CVE-2022-3534"
22
23# https://nvd.nist.gov/vuln/detail/CVE-2022-3564
24# Introduced in version v3.6 4b51dae96731c9d82f5634e75ac7ffd3b9c1b060
25# Patched in kernel since v6.1 3aff8aaca4e36dc8b17eaa011684881a80238966
26# Backported in version v5.10.154 cb1c012099ef5904cd468bdb8d6fcdfdd9bcb569
27# Backported in version v5.15.78 8278a87bb1eeea94350d675ef961ee5a03341fde
28CVE_CHECK_IGNORE += "CVE-2022-3564"
29
30# https://nvd.nist.gov/vuln/detail/CVE-2022-3619
31# Introduced in version v5.12 4d7ea8ee90e42fc75995f6fb24032d3233314528
32# Patched in kernel since v6.1 7c9524d929648935bac2bbb4c20437df8f9c3f42
33# Backported in version v5.15.78 aa16cac06b752e5f609c106735bd7838f444784c
34CVE_CHECK_IGNORE += "CVE-2022-3619"
35
36# https://nvd.nist.gov/vuln/detail/CVE-2022-3640
37# Introduced in version v5.19 d0be8347c623e0ac4202a1d4e0373882821f56b0
38# Breaking commit backported in v5.4.209 098e07ef0059296e710a801cdbd74b59016e6624
39# Breaking commit backported in v5.10.135 de5d4654ac6c22b1be756fdf7db18471e7df01ea
40# Breaking commit backported in v5.15.59 f32d5615a78a1256c4f557ccc6543866e75d03f4
41# Patched in kernel since v6.1 0d0e2d032811280b927650ff3c15fe5020e82533
42# Backported in version v5.4.224 c1f594dddd9ffd747c39f49cc5b67a9b7677d2ab
43# Backported in version v5.10.154 d9ec6e2fbd4a565b2345d4852f586b7ae3ab41fd
44# Backported in version v5.15.78 a3a7b2ac64de232edb67279e804932cb42f0b52a
45CVE_CHECK_IGNORE += "CVE-2022-3640"
46
47# https://nvd.nist.gov/vuln/detail/CVE-2022-4382
48# Introduced in version v5.3 e5d82a7360d124ae1a38c2a5eac92ba49b125191
49# Patched in kernel since v6.2-rc5 d18dcfe9860e842f394e37ba01ca9440ab2178f4
50# Backported in version v5.4.230 9a39f4626b361ee7aa10fd990401c37ec3b466ae
51# Backported in version v5.10.165 856e4b5e53f21edbd15d275dde62228dd94fb2b4
52# Backported in version v5.15.90 a2e075f40122d8daf587db126c562a67abd69cf9
53# Backported in version v6.1.8 616fd34d017000ecf9097368b13d8a266f4920b3
54CVE_CHECK_IGNORE += "CVE-2022-4382"
55
56# https://nvd.nist.gov/vuln/detail/CVE-2022-42895
57# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
58# Patched in kernel since v6.1 b1a2cd50c0357f243b7435a732b4e62ba3157a2e
59# Backported in version v5.15.78 3e4697ffdfbb38a2755012c4e571546c89ab6422
60# Backported in version v5.10.154 26ca2ac091b49281d73df86111d16e5a76e43bd7
61# Backported in version v5.4.224 6949400ec9feca7f88c0f6ca5cb5fdbcef419c89
62CVE_CHECK_IGNORE += "CVE-2022-42895"
63
64# https://nvd.nist.gov/vuln/detail/CVE-2022-42896
65# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
66# Patched in kernel since v6.1 711f8c3fb3db61897080468586b970c87c61d9e4
67# Backported in version v5.4.226 0d87bb6070361e5d1d9cb391ba7ee73413bc109b
68# Backported in version v5.10.154 6b6f94fb9a74dd2891f11de4e638c6202bc89476
69# Backported in version v5.15.78 81035e1201e26d57d9733ac59140a3e29befbc5a
70CVE_CHECK_IGNORE += "CVE-2022-42896"
71
72
73# 2023
74# https://nvd.nist.gov/vuln/detail/CVE-2023-0266
75# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
76# Patched in kernel since v6.2 56b88b50565cd8b946a2d00b0c83927b7ebb055e
77# Backported in version v5.15.88 26350c21bc5e97a805af878e092eb8125843fe2c
78# Backported in version v6.1.6 d6ad4bd1d896ae1daffd7628cd50f124280fb8b1
79CVE_CHECK_IGNORE += "CVE-2023-0266"
80
81# https://nvd.nist.gov/vuln/detail/CVE-2023-0394
82# Introduced in version 2.6.12 357b40a18b04c699da1d45608436e9b76b50e251
83# Patched in kernel since v6.2 cb3e9864cdbe35ff6378966660edbcbac955fe17
84# Backported in version v5.4.229 3998dba0f78a59922b0ef333ccfeb58d9410cd3d
85# Backported in version v5.10.164 6c9e2c11c33c35563d34d12b343d43b5c12200b5
86# Backported in version v5.15.89 456e3794e08a0b59b259da666e31d0884b376bcf
87# Backported in version v6.1.7 0afa5f0736584411771299074bbeca8c1f9706d4
88CVE_CHECK_IGNORE += "CVE-2023-0394"
89
90
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 0f557ba2c5..db32522e63 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -2,6 +2,9 @@ KBRANCH ?= "v5.15/standard/preempt-rt/base"
2 2
3require recipes-kernel/linux/linux-yocto.inc 3require recipes-kernel/linux/linux-yocto.inc
4 4
5# CVE exclusions
6include recipes-kernel/linux/cve-exclusion_5.15.inc
7
5# Skip processing of this recipe if it is not explicitly specified as the 8# Skip processing of this recipe if it is not explicitly specified as the
6# PREFERRED_PROVIDER for virtual/kernel. This avoids errors when trying 9# PREFERRED_PROVIDER for virtual/kernel. This avoids errors when trying
7# to build multiple virtual/kernel providers, e.g. as dependency of 10# to build multiple virtual/kernel providers, e.g. as dependency of
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 34ffaa5132..322c07e097 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,6 +5,9 @@ KCONFIG_MODE = "--allnoconfig"
5 5
6require recipes-kernel/linux/linux-yocto.inc 6require recipes-kernel/linux/linux-yocto.inc
7 7
8# CVE exclusions
9include recipes-kernel/linux/cve-exclusion_5.15.inc
10
8LINUX_VERSION ?= "5.15.96" 11LINUX_VERSION ?= "5.15.96"
9LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" 12LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
10 13
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 55580357d2..85fdbf4bec 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -2,6 +2,9 @@ KBRANCH ?= "v5.15/standard/base"
2 2
3require recipes-kernel/linux/linux-yocto.inc 3require recipes-kernel/linux/linux-yocto.inc
4 4
5# CVE exclusions
6include recipes-kernel/linux/cve-exclusion_5.15.inc
7
5# board specific branches 8# board specific branches
6KBRANCH:qemuarm ?= "v5.15/standard/arm-versatile-926ejs" 9KBRANCH:qemuarm ?= "v5.15/standard/arm-versatile-926ejs"
7KBRANCH:qemuarm64 ?= "v5.15/standard/qemuarm64" 10KBRANCH:qemuarm64 ?= "v5.15/standard/qemuarm64"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-06-14 20:02:42 +0000