4 files changed, 37 insertions, 25 deletions

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 90b07f0da5..c8ae38b599 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,9 +1,9 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-09-19 16:30:43.403752+00:00 for version 6.1.51
+# Generated at 2023-09-30 07:24:11.683650+00:00 for version 6.1.52
 
 python check_kernel_cve_status_version() {
-    this_version = "6.1.51"
+    this_version = "6.1.52"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -3450,6 +3450,8 @@ CVE_STATUS[CVE-2020-36691] = "fixed-version: Fixed from version 5.8rc1"
 
 CVE_STATUS[CVE-2020-36694] = "fixed-version: Fixed from version 5.10"
 
+CVE_STATUS[CVE-2020-36766] = "fixed-version: Fixed from version 5.9rc1"
+
 CVE_STATUS[CVE-2020-3702] = "fixed-version: Fixed from version 5.12rc1"
 
 CVE_STATUS[CVE-2020-4788] = "fixed-version: Fixed from version 5.10rc5"
@@ -4644,7 +4646,7 @@ CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33"
 
 # CVE-2023-1193 has no known resolution
 
-# CVE-2023-1194 has no known resolution
+CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34"
 
 CVE_STATUS[CVE-2023-1195] = "fixed-version: Fixed from version 6.1rc3"
 
@@ -5034,6 +5036,12 @@ CVE_STATUS[CVE-2023-4208] = "cpe-stable-backport: Backported in 6.1.45"
 
 CVE_STATUS[CVE-2023-4273] = "cpe-stable-backport: Backported in 6.1.45"
 
+# CVE-2023-42752 needs backporting (fixed from 6.1.53)
+
+# CVE-2023-42753 needs backporting (fixed from 6.1.53)
+
+# CVE-2023-42755 needs backporting (fixed from 6.1.55)
+
 CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1"
 
 CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18"
@@ -5054,7 +5062,11 @@ CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
 
 # CVE-2023-4623 needs backporting (fixed from 6.1.53)
 
-# CVE-2023-4881 needs backporting (fixed from 6.6rc1)
+# CVE-2023-4881 needs backporting (fixed from 6.1.54)
+
+# CVE-2023-4921 needs backporting (fixed from 6.1.54)
+
+# CVE-2023-5158 has no known resolution
 
-# CVE-2023-4921 needs backporting (fixed from 6.6rc1)
+# CVE-2023-5197 needs backporting (fixed from 6.6rc3)
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
index 5a42da2019..05e0b69331 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
@@ -14,13 +14,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "ad7c05a03b8d70ee30ecce783a861cb96ea258cf"
-SRCREV_meta ?= "f845a7f37d7114230d6609e2bd630070f2f6cd9b"
+SRCREV_machine ?= "7327e7ab3b5508182380405a51f2657f5bf669b4"
+SRCREV_meta ?= "9e389e7f44a22bc637328f15e106f6d60631780e"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https"
 
-LINUX_VERSION ?= "6.1.51"
+LINUX_VERSION ?= "6.1.52"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
index 3fd9a0e2a9..942aa48c02 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # CVE exclusions
 include recipes-kernel/linux/cve-exclusion_6.1.inc
 
-LINUX_VERSION ?= "6.1.51"
+LINUX_VERSION ?= "6.1.52"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_meta ?= "f845a7f37d7114230d6609e2bd630070f2f6cd9b"
+SRCREV_machine ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_meta ?= "9e389e7f44a22bc637328f15e106f6d60631780e"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/meta/recipes-kernel/linux/linux-yocto_6.1.bb
index 3798ae3db9..000317379f 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.1.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.1.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.1/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.1/standard/base"
 KBRANCH:qemumips64 ?= "v6.1/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "8c81de99a4b9f69345873b06077f9d4e1321298e"
-SRCREV_machine:qemuarm64 ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_machine:qemuloongarch64 ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_machine:qemumips ?= "733cb5842aeac106f5606df4da7c64a180f0c500"
-SRCREV_machine:qemuppc ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_machine:qemuriscv64 ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_machine:qemuriscv32 ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_machine:qemux86 ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_machine:qemux86-64 ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_machine:qemumips64 ?= "1c11fe963667e9380725bef0650aeaea8544ea8b"
-SRCREV_machine ?= "526b5bf2f74f881356bce8b44840dc86785fb7bf"
-SRCREV_meta ?= "f845a7f37d7114230d6609e2bd630070f2f6cd9b"
+SRCREV_machine:qemuarm ?= "3028542fe5ece9dd32c8e3b9b14b2c9f4c9cafac"
+SRCREV_machine:qemuarm64 ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_machine:qemuloongarch64 ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_machine:qemumips ?= "33c0b5a0c1af6abb4dee11ffa5ece66ffd01d3c8"
+SRCREV_machine:qemuppc ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_machine:qemuriscv64 ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_machine:qemuriscv32 ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_machine:qemux86 ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_machine:qemux86-64 ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_machine:qemumips64 ?= "ee418f38dbc9794b7976ad11fd74f5a3490c7c5e"
+SRCREV_machine ?= "b3879adf00e338e66e92431a434fa2549ac88b83"
+SRCREV_meta ?= "9e389e7f44a22bc637328f15e106f6d60631780e"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "c2cbfe5f51227dfe6ef7be013f0d56a32c040faa"
+SRCREV_machine:class-devupstream ?= "59b13c2b647e464dd85622c89d7f16c15d681e96"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v6.1/base"
 
@@ -45,7 +45,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
 SRC_URI += "file://0001-perf-cpumap-Make-counter-as-unsigned-ints.patch"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.1.51"
+LINUX_VERSION ?= "6.1.52"
 
 PV = "${LINUX_VERSION}+git"