diff options
author | Ross Burton <ross.burton@arm.com> | 2023-09-04 13:36:31 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-09-05 08:09:11 +0100 |
commit | 2020aee444868742590f44d149d11565fc9f58c4 (patch) | |
tree | d1c60ea82b6215982568d9fbe1810b02fdeea5cb | |
parent | 7f354aed364b17259a642cc97e30a0a2b8218134 (diff) | |
download | openembedded-core-2020aee444868742590f44d149d11565fc9f58c4.tar.gz |
linux-yocto: update kernel CVE status
Handles the following CVEs:
6.1:
- CVE-2022-4098
- CVE-2023-0160
- CVE-2023-20569
- CVE-2023-20588
- CVE-2023-33250
- CVE-2023-34319
- CVE-2023-40283
- CVE-2023-4128
- CVE-2023-4155
- CVE-2023-4194
- CVE-2023-4273
- CVE-2023-4385
- CVE-2023-4387
- CVE-2023-4389
6.4:
- CVE-2022-40982
- CVE-2023-0160
- CVE-2023-20569
- CVE-2023-20588
- CVE-2023-33250
- CVE-2023-34319
- CVE-2023-40283
- CVE-2023-4128
- CVE-2023-4155
- CVE-2023-4194
- CVE-2023-4273
- CVE-2023-4385
- CVE-2023-4387
- CVE-2023-4389
- CVE-2023-4394
- CVE-2023-4459
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 40 | ||||
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.4.inc | 40 |
2 files changed, 54 insertions, 26 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index ce3a534cf3..b6d733f9bb 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -1,6 +1,6 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-08-25 12:42:35.329668 for version 6.1.46" +# Generated at 2023-09-04 13:17:06.462373 for version 6.1.46 python check_kernel_cve_status_version() { this_version = "6.1.46" @@ -3354,6 +3354,8 @@ CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed after version 5.9" CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed after version 5.6rc4" +# CVE-2020-27418 has no known resolution + CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed after version 5.10rc1" CVE_STATUS[CVE-2020-27675] = "fixed-version: Fixed after version 5.10rc1" @@ -4460,7 +4462,7 @@ CVE_STATUS[CVE-2022-40768] = "fixed-version: Fixed after version 6.1rc1" CVE_STATUS[CVE-2022-4095] = "fixed-version: Fixed after version 6.0rc4" -# CVE-2022-40982 has no known resolution +CVE_STATUS[CVE-2022-40982] = "cpe-stable-backport: Backported in 6.1.44" CVE_STATUS[CVE-2022-41218] = "cpe-stable-backport: Backported in 6.1.4" @@ -4588,7 +4590,7 @@ CVE_STATUS[CVE-2023-0047] = "fixed-version: Fixed after version 5.16rc1" CVE_STATUS[CVE-2023-0122] = "fixed-version: Fixed after version 6.0rc4" -# CVE-2023-0160 has no known resolution +CVE_STATUS[CVE-2023-0160] = "cpe-stable-backport: Backported in 6.1.28" CVE_STATUS[CVE-2023-0179] = "cpe-stable-backport: Backported in 6.1.7" @@ -4702,9 +4704,9 @@ CVE_STATUS[CVE-2023-2008] = "fixed-version: Fixed after version 5.19rc4" CVE_STATUS[CVE-2023-2019] = "fixed-version: Fixed after version 6.0rc1" -# CVE-2023-20569 has no known resolution +CVE_STATUS[CVE-2023-20569] = "cpe-stable-backport: Backported in 6.1.44" -# CVE-2023-20588 has no known resolution +CVE_STATUS[CVE-2023-20588] = "cpe-stable-backport: Backported in 6.1.45" CVE_STATUS[CVE-2023-20593] = "cpe-stable-backport: Backported in 6.1.41" @@ -4900,7 +4902,7 @@ CVE_STATUS[CVE-2023-3317] = "fixed-version: only affects 6.2rc1 onwards" CVE_STATUS[CVE-2023-33203] = "cpe-stable-backport: Backported in 6.1.22" -# CVE-2023-33250 has no known resolution +CVE_STATUS[CVE-2023-33250] = "fixed-version: only affects 6.2rc1 onwards" CVE_STATUS[CVE-2023-33288] = "cpe-stable-backport: Backported in 6.1.22" @@ -4928,7 +4930,7 @@ CVE_STATUS[CVE-2023-34255] = "cpe-stable-backport: Backported in 6.1.33" CVE_STATUS[CVE-2023-34256] = "cpe-stable-backport: Backported in 6.1.29" -# CVE-2023-34319 has no known resolution +CVE_STATUS[CVE-2023-34319] = "cpe-stable-backport: Backported in 6.1.44" CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed after version 5.18rc5" @@ -4964,9 +4966,9 @@ CVE_STATUS[CVE-2023-3611] = "cpe-stable-backport: Backported in 6.1.40" # CVE-2023-37454 has no known resolution -# CVE-2023-3772 has no known resolution +# CVE-2023-3772 needs backporting (fixed from 6.1.47) -# CVE-2023-3773 has no known resolution +# CVE-2023-3773 needs backporting (fixed from 6.1.47) CVE_STATUS[CVE-2023-3776] = "cpe-stable-backport: Backported in 6.1.40" @@ -4994,7 +4996,9 @@ CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.1.42" # CVE-2023-4010 has no known resolution -# CVE-2023-4128 needs backporting (fixed from 6.5rc5) +CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45" + +CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45" CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.1.39" @@ -5004,9 +5008,19 @@ CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.1.39" CVE_STATUS[CVE-2023-4147] = "cpe-stable-backport: Backported in 6.1.43" -# CVE-2023-4155 has no known resolution +CVE_STATUS[CVE-2023-4155] = "cpe-stable-backport: Backported in 6.1.46" + +CVE_STATUS[CVE-2023-4194] = "fixed-version: only affects 6.3rc1 onwards" + +CVE_STATUS[CVE-2023-4273] = "cpe-stable-backport: Backported in 6.1.45" + +CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed after version 5.19rc1" + +CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed after version 5.18" + +CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed after version 5.18rc3" -# CVE-2023-4194 needs backporting (fixed from 6.5rc5) +CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed after version 6.0rc3" -# CVE-2023-4273 needs backporting (fixed from 6.5rc5) +CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed after version 5.18" diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc index 63f0760b2d..c17ac91efb 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc @@ -1,6 +1,6 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-08-25 12:42:28.369507 for version 6.4.11" +# Generated at 2023-09-04 13:17:16.330789 for version 6.4.11 python check_kernel_cve_status_version() { this_version = "6.4.11" @@ -3354,6 +3354,8 @@ CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed after version 5.9" CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed after version 5.6rc4" +# CVE-2020-27418 has no known resolution + CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed after version 5.10rc1" CVE_STATUS[CVE-2020-27675] = "fixed-version: Fixed after version 5.10rc1" @@ -4460,7 +4462,7 @@ CVE_STATUS[CVE-2022-40768] = "fixed-version: Fixed after version 6.1rc1" CVE_STATUS[CVE-2022-4095] = "fixed-version: Fixed after version 6.0rc4" -# CVE-2022-40982 has no known resolution +CVE_STATUS[CVE-2022-40982] = "cpe-stable-backport: Backported in 6.4.9" CVE_STATUS[CVE-2022-41218] = "fixed-version: Fixed after version 6.2rc1" @@ -4588,7 +4590,7 @@ CVE_STATUS[CVE-2023-0047] = "fixed-version: Fixed after version 5.16rc1" CVE_STATUS[CVE-2023-0122] = "fixed-version: Fixed after version 6.0rc4" -# CVE-2023-0160 has no known resolution +CVE_STATUS[CVE-2023-0160] = "fixed-version: Fixed after version 6.4rc1" CVE_STATUS[CVE-2023-0179] = "fixed-version: Fixed after version 6.2rc5" @@ -4702,9 +4704,9 @@ CVE_STATUS[CVE-2023-2008] = "fixed-version: Fixed after version 5.19rc4" CVE_STATUS[CVE-2023-2019] = "fixed-version: Fixed after version 6.0rc1" -# CVE-2023-20569 has no known resolution +CVE_STATUS[CVE-2023-20569] = "cpe-stable-backport: Backported in 6.4.9" -# CVE-2023-20588 has no known resolution +CVE_STATUS[CVE-2023-20588] = "cpe-stable-backport: Backported in 6.4.10" CVE_STATUS[CVE-2023-20593] = "cpe-stable-backport: Backported in 6.4.6" @@ -4900,7 +4902,7 @@ CVE_STATUS[CVE-2023-3317] = "fixed-version: Fixed after version 6.3rc6" CVE_STATUS[CVE-2023-33203] = "fixed-version: Fixed after version 6.3rc4" -# CVE-2023-33250 has no known resolution +CVE_STATUS[CVE-2023-33250] = "cpe-stable-backport: Backported in 6.4.4" CVE_STATUS[CVE-2023-33288] = "fixed-version: Fixed after version 6.3rc4" @@ -4928,7 +4930,7 @@ CVE_STATUS[CVE-2023-34255] = "fixed-version: Fixed after version 6.4rc1" CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed after version 6.4rc2" -# CVE-2023-34319 has no known resolution +CVE_STATUS[CVE-2023-34319] = "cpe-stable-backport: Backported in 6.4.9" CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed after version 5.18rc5" @@ -4964,9 +4966,9 @@ CVE_STATUS[CVE-2023-3611] = "cpe-stable-backport: Backported in 6.4.5" # CVE-2023-37454 has no known resolution -# CVE-2023-3772 has no known resolution +# CVE-2023-3772 needs backporting (fixed from 6.4.12) -# CVE-2023-3773 has no known resolution +# CVE-2023-3773 needs backporting (fixed from 6.4.12) CVE_STATUS[CVE-2023-3776] = "cpe-stable-backport: Backported in 6.4.5" @@ -4994,7 +4996,9 @@ CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.4.7" # CVE-2023-4010 has no known resolution -# CVE-2023-4128 needs backporting (fixed from 6.5rc5) +CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.4.10" + +CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.4.10" CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.4.4" @@ -5004,9 +5008,19 @@ CVE_STATUS[CVE-2023-4134] = "cpe-stable-backport: Backported in 6.4.4" CVE_STATUS[CVE-2023-4147] = "cpe-stable-backport: Backported in 6.4.8" -# CVE-2023-4155 has no known resolution +CVE_STATUS[CVE-2023-4155] = "cpe-stable-backport: Backported in 6.4.11" + +CVE_STATUS[CVE-2023-4194] = "cpe-stable-backport: Backported in 6.4.10" + +CVE_STATUS[CVE-2023-4273] = "cpe-stable-backport: Backported in 6.4.10" + +CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed after version 5.19rc1" + +CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed after version 5.18" + +CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed after version 5.18rc3" -# CVE-2023-4194 needs backporting (fixed from 6.5rc5) +CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed after version 6.0rc3" -# CVE-2023-4273 needs backporting (fixed from 6.5rc5) +CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed after version 5.18" |