From: Bruce Ashfield <bruce.ashfi...@gmail.com> Data pulled from: https://github.com/nluedtke/linux_kernel_cves
1/1 [ Author: Nicholas Luedtke Email: nicholas.lued...@uwalumni.com Subject: Update 3Feb24 Date: Sat, 3 Feb 2024 00:42:14 -0500 ] Signed-off-by: Bruce Ashfield <bruce.ashfi...@gmail.com> Signed-off-by: Steve Sakoman <st...@sakoman.com> --- .../linux/cve-exclusion_5.15.inc | 91 +++++++++++++++++-- 1 file changed, 85 insertions(+), 6 deletions(-) diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc index 0d54b414d9..d33f2b3c7f 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2024-01-18 18:47:24.084935 for version 5.15.147 +# Generated at 2024-02-06 21:02:11.546853 for version 5.15.148 python check_kernel_cve_status_version() { - this_version = "5.15.147" + this_version = "5.15.148" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -5299,6 +5299,12 @@ CVE_CHECK_IGNORE += "CVE-2021-3348" # fixed-version: Fixed after version 5.13rc7 CVE_CHECK_IGNORE += "CVE-2021-33624" +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2021-33630" + +# cpe-stable-backport: Backported in 5.15.87 +CVE_CHECK_IGNORE += "CVE-2021-33631" + # cpe-stable-backport: Backported in 5.15.54 CVE_CHECK_IGNORE += "CVE-2021-33655" @@ -6395,7 +6401,8 @@ CVE_CHECK_IGNORE += "CVE-2022-3635" # fixed-version: only affects 5.19 onwards CVE_CHECK_IGNORE += "CVE-2022-3640" -# CVE-2022-36402 has no known resolution +# cpe-stable-backport: Backported in 5.15.129 +CVE_CHECK_IGNORE += "CVE-2022-36402" # CVE-2022-3642 has no known resolution @@ -7368,9 +7375,15 @@ CVE_CHECK_IGNORE += "CVE-2023-4611" # cpe-stable-backport: Backported in 5.15.132 CVE_CHECK_IGNORE += "CVE-2023-4623" +# cpe-stable-backport: Backported in 5.15.137 +CVE_CHECK_IGNORE += "CVE-2023-46343" + # cpe-stable-backport: Backported in 5.15.137 CVE_CHECK_IGNORE += "CVE-2023-46813" +# cpe-stable-backport: Backported in 5.15.148 +CVE_CHECK_IGNORE += "CVE-2023-46838" + # cpe-stable-backport: Backported in 5.15.140 CVE_CHECK_IGNORE += "CVE-2023-46862" @@ -7385,11 +7398,17 @@ CVE_CHECK_IGNORE += "CVE-2023-4881" # cpe-stable-backport: Backported in 5.15.132 CVE_CHECK_IGNORE += "CVE-2023-4921" -# CVE-2023-50431 has no known resolution +# CVE-2023-50431 needs backporting (fixed from 6.8rc1) # fixed-version: only affects 6.0rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-5090" +# cpe-stable-backport: Backported in 5.15.128 +CVE_CHECK_IGNORE += "CVE-2023-51042" + +# cpe-stable-backport: Backported in 5.15.121 +CVE_CHECK_IGNORE += "CVE-2023-51043" + # cpe-stable-backport: Backported in 5.15.135 CVE_CHECK_IGNORE += "CVE-2023-5158" @@ -7411,6 +7430,9 @@ CVE_CHECK_IGNORE += "CVE-2023-51782" # cpe-stable-backport: Backported in 5.15.134 CVE_CHECK_IGNORE += "CVE-2023-5197" +# cpe-stable-backport: Backported in 5.15.147 +CVE_CHECK_IGNORE += "CVE-2023-52340" + # fixed-version: only affects 6.1rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-5345" @@ -7425,7 +7447,8 @@ CVE_CHECK_IGNORE += "CVE-2023-5972" # CVE-2023-6039 needs backporting (fixed from 6.5rc5) -# CVE-2023-6040 needs backporting (fixed from 5.18rc1) +# cpe-stable-backport: Backported in 5.15.147 +CVE_CHECK_IGNORE += "CVE-2023-6040" # fixed-version: only affects 6.6rc3 onwards CVE_CHECK_IGNORE += "CVE-2023-6111" @@ -7436,6 +7459,9 @@ CVE_CHECK_IGNORE += "CVE-2023-6121" # cpe-stable-backport: Backported in 5.15.132 CVE_CHECK_IGNORE += "CVE-2023-6176" +# fixed-version: only affects 6.6rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-6200" + # CVE-2023-6238 has no known resolution # CVE-2023-6270 has no known resolution @@ -7468,6 +7494,9 @@ CVE_CHECK_IGNORE += "CVE-2023-6679" # cpe-stable-backport: Backported in 5.15.143 CVE_CHECK_IGNORE += "CVE-2023-6817" +# cpe-stable-backport: Backported in 5.15.148 +CVE_CHECK_IGNORE += "CVE-2023-6915" + # cpe-stable-backport: Backported in 5.15.143 CVE_CHECK_IGNORE += "CVE-2023-6931" @@ -7487,5 +7516,55 @@ CVE_CHECK_IGNORE += "CVE-2024-0193" # fixed-version: only affects 6.2rc1 onwards CVE_CHECK_IGNORE += "CVE-2024-0443" -# Skipping dd=CVE-2023-1476, no affected_versions +# cpe-stable-backport: Backported in 5.15.64 +CVE_CHECK_IGNORE += "CVE-2024-0562" + +# CVE-2024-0564 has no known resolution + +# CVE-2024-0565 needs backporting (fixed from 6.7rc6) + +# fixed-version: only affects 6.4rc1 onwards +CVE_CHECK_IGNORE += "CVE-2024-0582" + +# cpe-stable-backport: Backported in 5.15.142 +CVE_CHECK_IGNORE += "CVE-2024-0584" + +# cpe-stable-backport: Backported in 5.15.140 +CVE_CHECK_IGNORE += "CVE-2024-0607" + +# cpe-stable-backport: Backported in 5.15.121 +CVE_CHECK_IGNORE += "CVE-2024-0639" + +# cpe-stable-backport: Backported in 5.15.135 +CVE_CHECK_IGNORE += "CVE-2024-0641" + +# cpe-stable-backport: Backported in 5.15.147 +CVE_CHECK_IGNORE += "CVE-2024-0646" + +# cpe-stable-backport: Backported in 5.15.112 +CVE_CHECK_IGNORE += "CVE-2024-0775" + +# CVE-2024-0841 has no known resolution + +# cpe-stable-backport: Backported in 5.15.148 +CVE_CHECK_IGNORE += "CVE-2024-1085" + +# CVE-2024-1086 needs backporting (fixed from 6.8rc2) + +# CVE-2024-21803 has no known resolution + +# CVE-2024-22099 has no known resolution + +# cpe-stable-backport: Backported in 5.15.146 +CVE_CHECK_IGNORE += "CVE-2024-22705" + +# CVE-2024-23307 has no known resolution + +# CVE-2024-23848 has no known resolution + +# CVE-2024-23849 has no known resolution + +# CVE-2024-23850 has no known resolution + +# CVE-2024-23851 has no known resolution -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#196169): https://lists.openembedded.org/g/openembedded-core/message/196169 Mute This Topic: https://lists.openembedded.org/mt/104571856/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-