diff options
| author |   Bruce Ashfield <bruce.ashfield@gmail.com> | 2024-02-20 21:44:59 -0500 |
|---|---|---|
| committer |   Steve Sakoman <steve@sakoman.com> | 2024-02-21 03:59:19 -1000 |
| commit | b71eeab71911ab49a8e8b8d78560fdbd66f883e7 (patch) | |
| tree | 19de3c41d5a4a158f12e71e36aa1b6b1c8fe079a | |
| parent | f1326d008a2a37b3860f25eb082efabdeba7cc32 (diff) | |
| download | openembedded-core-contrib-b71eeab71911ab49a8e8b8d78560fdbd66f883e7.tar.gz | |
linux-yocto/5.15: update CVE exclusions
Data pulled from: https://github.com/nluedtke/linux_kernel_cves
1/1 [
Author: Nicholas Luedtke
Email: nicholas.luedtke@uwalumni.com
Subject: Update 3Feb24
Date: Sat, 3 Feb 2024 00:42:14 -0500
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_5.15.inc | 91 |
1 files changed, 85 insertions, 6 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc index 0d54b414d9..d33f2b3c7f 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2024-01-18 18:47:24.084935 for version 5.15.147 +# Generated at 2024-02-06 21:02:11.546853 for version 5.15.148 python check_kernel_cve_status_version() { - this_version = "5.15.147" + this_version = "5.15.148" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -5299,6 +5299,12 @@ CVE_CHECK_IGNORE += "CVE-2021-3348" # fixed-version: Fixed after version 5.13rc7 CVE_CHECK_IGNORE += "CVE-2021-33624" +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2021-33630" + +# cpe-stable-backport: Backported in 5.15.87 +CVE_CHECK_IGNORE += "CVE-2021-33631" + # cpe-stable-backport: Backported in 5.15.54 CVE_CHECK_IGNORE += "CVE-2021-33655" @@ -6395,7 +6401,8 @@ CVE_CHECK_IGNORE += "CVE-2022-3635" # fixed-version: only affects 5.19 onwards CVE_CHECK_IGNORE += "CVE-2022-3640" -# CVE-2022-36402 has no known resolution +# cpe-stable-backport: Backported in 5.15.129 +CVE_CHECK_IGNORE += "CVE-2022-36402" # CVE-2022-3642 has no known resolution @@ -7369,8 +7376,14 @@ CVE_CHECK_IGNORE += "CVE-2023-4611" CVE_CHECK_IGNORE += "CVE-2023-4623" # cpe-stable-backport: Backported in 5.15.137 +CVE_CHECK_IGNORE += "CVE-2023-46343" + +# cpe-stable-backport: Backported in 5.15.137 CVE_CHECK_IGNORE += "CVE-2023-46813" +# cpe-stable-backport: Backported in 5.15.148 +CVE_CHECK_IGNORE += "CVE-2023-46838" + # cpe-stable-backport: Backported in 5.15.140 CVE_CHECK_IGNORE += "CVE-2023-46862" @@ -7385,11 +7398,17 @@ CVE_CHECK_IGNORE += "CVE-2023-4881" # cpe-stable-backport: Backported in 5.15.132 CVE_CHECK_IGNORE += "CVE-2023-4921" -# CVE-2023-50431 has no known resolution +# CVE-2023-50431 needs backporting (fixed from 6.8rc1) # fixed-version: only affects 6.0rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-5090" +# cpe-stable-backport: Backported in 5.15.128 +CVE_CHECK_IGNORE += "CVE-2023-51042" + +# cpe-stable-backport: Backported in 5.15.121 +CVE_CHECK_IGNORE += "CVE-2023-51043" + # cpe-stable-backport: Backported in 5.15.135 CVE_CHECK_IGNORE += "CVE-2023-5158" @@ -7411,6 +7430,9 @@ CVE_CHECK_IGNORE += "CVE-2023-51782" # cpe-stable-backport: Backported in 5.15.134 CVE_CHECK_IGNORE += "CVE-2023-5197" +# cpe-stable-backport: Backported in 5.15.147 +CVE_CHECK_IGNORE += "CVE-2023-52340" + # fixed-version: only affects 6.1rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-5345" @@ -7425,7 +7447,8 @@ CVE_CHECK_IGNORE += "CVE-2023-5972" # CVE-2023-6039 needs backporting (fixed from 6.5rc5) -# CVE-2023-6040 needs backporting (fixed from 5.18rc1) +# cpe-stable-backport: Backported in 5.15.147 +CVE_CHECK_IGNORE += "CVE-2023-6040" # fixed-version: only affects 6.6rc3 onwards CVE_CHECK_IGNORE += "CVE-2023-6111" @@ -7436,6 +7459,9 @@ CVE_CHECK_IGNORE += "CVE-2023-6121" # cpe-stable-backport: Backported in 5.15.132 CVE_CHECK_IGNORE += "CVE-2023-6176" +# fixed-version: only affects 6.6rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-6200" + # CVE-2023-6238 has no known resolution # CVE-2023-6270 has no known resolution @@ -7468,6 +7494,9 @@ CVE_CHECK_IGNORE += "CVE-2023-6679" # cpe-stable-backport: Backported in 5.15.143 CVE_CHECK_IGNORE += "CVE-2023-6817" +# cpe-stable-backport: Backported in 5.15.148 +CVE_CHECK_IGNORE += "CVE-2023-6915" + # cpe-stable-backport: Backported in 5.15.143 CVE_CHECK_IGNORE += "CVE-2023-6931" @@ -7487,5 +7516,55 @@ CVE_CHECK_IGNORE += "CVE-2024-0193" # fixed-version: only affects 6.2rc1 onwards CVE_CHECK_IGNORE += "CVE-2024-0443" -# Skipping dd=CVE-2023-1476, no affected_versions +# cpe-stable-backport: Backported in 5.15.64 +CVE_CHECK_IGNORE += "CVE-2024-0562" + +# CVE-2024-0564 has no known resolution + +# CVE-2024-0565 needs backporting (fixed from 6.7rc6) + +# fixed-version: only affects 6.4rc1 onwards +CVE_CHECK_IGNORE += "CVE-2024-0582" + +# cpe-stable-backport: Backported in 5.15.142 +CVE_CHECK_IGNORE += "CVE-2024-0584" + +# cpe-stable-backport: Backported in 5.15.140 +CVE_CHECK_IGNORE += "CVE-2024-0607" + +# cpe-stable-backport: Backported in 5.15.121 +CVE_CHECK_IGNORE += "CVE-2024-0639" + +# cpe-stable-backport: Backported in 5.15.135 +CVE_CHECK_IGNORE += "CVE-2024-0641" + +# cpe-stable-backport: Backported in 5.15.147 +CVE_CHECK_IGNORE += "CVE-2024-0646" + +# cpe-stable-backport: Backported in 5.15.112 +CVE_CHECK_IGNORE += "CVE-2024-0775" + +# CVE-2024-0841 has no known resolution + +# cpe-stable-backport: Backported in 5.15.148 +CVE_CHECK_IGNORE += "CVE-2024-1085" + +# CVE-2024-1086 needs backporting (fixed from 6.8rc2) + +# CVE-2024-21803 has no known resolution + +# CVE-2024-22099 has no known resolution + +# cpe-stable-backport: Backported in 5.15.146 +CVE_CHECK_IGNORE += "CVE-2024-22705" + +# CVE-2024-23307 has no known resolution + +# CVE-2024-23848 has no known resolution + +# CVE-2024-23849 has no known resolution + +# CVE-2024-23850 has no known resolution + +# CVE-2024-23851 has no known resolution |