linux: review some historic CVE_STATUS

Do manual review and disposition these CVEs as appropriate. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
author: Ross Burton <ross.burton@arm.com> 2023-09-04 22:33:22 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-09-06 17:52:37 +0100
commit: a8db0735e228465715cf885d3b889fddfd68efc6 (patch)
tree: bb634fbb200096c7d72223b6c20d15e1da4c003b /meta/recipes-kernel/linux
parent: 2020aee444868742590f44d149d11565fc9f58c4 (diff)
download: openembedded-core-contrib-a8db0735e228465715cf885d3b889fddfd68efc6.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion.inc b/meta/recipes-kernel/linux/cve-exclusion.inc
index 42f1c195c9..28f9c8ff2b 100644
--- a/meta/recipes-kernel/linux/cve-exclusion.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion.inc
@@ -1,3 +1,15 @@
+CVE_STATUS[CVE-2014-2648] = "cpe-incorrect: not Linux"
+
+CVE_STATUS[CVE-2016-0774] = "ignored: result of incomplete backport"
+
+CVE_STATUS[CVE-2016-3695] = "not-applicable-platform: specific to RHEL with securelevel patches"
+
+CVE_STATUS[CVE-2016-3699] = "not-applicable-platform: specific to RHEL with securelevel patches"
+
+CVE_STATUS[CVE-2017-6264] = "not-applicable-platform: Android specific"
+
+CVE_STATUS[CVE-2017-1000377] = "not-applicable-platform: GRSecurity specific"
+
 CVE_STATUS[CVE-2018-6559] = "not-applicable-platform: Issue only affects Ubuntu"
 
 CVE_STATUS[CVE-2020-11935] = "not-applicable-config: Issue only affects aufs, which is not in linux-yocto"
author	Ross Burton <ross.burton@arm.com>	2023-09-04 22:33:22 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-09-06 17:52:37 +0100
commit	a8db0735e228465715cf885d3b889fddfd68efc6 (patch)
tree	bb634fbb200096c7d72223b6c20d15e1da4c003b /meta/recipes-kernel/linux
parent	2020aee444868742590f44d149d11565fc9f58c4 (diff)
download	openembedded-core-contrib-a8db0735e228465715cf885d3b889fddfd68efc6.tar.gz