diff mbox series

[dunfell,6/6] cve-exclusion_5.4.inc: update for 5.4.257

Message ID 0f75737a408aef19937ee023a5e6b3e881cbd99b.1698200772.git.steve@sakoman.com
State Accepted, archived
Commit 0f75737a408aef19937ee023a5e6b3e881cbd99b
Headers show
Series [dunfell,1/6] binutils: Backport fix CVE-2023-25588 | expand

Commit Message

Steve Sakoman Oct. 25, 2023, 2:29 a.m. UTC 
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/cve-exclusion_5.4.inc               | 207 +++++++++++++++---
 1 file changed, 179 insertions(+), 28 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.4.inc b/meta/recipes-kernel/linux/cve-exclusion_5.4.inc
index 28e66d6f4f..4c17b701df 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_5.4.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_5.4.inc
@@ -1,9 +1,9 @@ 
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-08-25 15:56:12.313882 for version 5.4.251
+# Generated at 2023-10-24 06:03:05.289306 for version 5.4.257
 
 python check_kernel_cve_status_version() {
-    this_version = "5.4.251"
+    this_version = "5.4.257"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4832,6 +4832,9 @@  CVE_CHECK_WHITELIST += "CVE-2020-27194"
 # cpe-stable-backport: Backported in 5.4.23
 CVE_CHECK_WHITELIST += "CVE-2020-2732"
 
+# cpe-stable-backport: Backported in 5.4.25
+CVE_CHECK_WHITELIST += "CVE-2020-27418"
+
 # cpe-stable-backport: Backported in 5.4.75
 CVE_CHECK_WHITELIST += "CVE-2020-27673"
 
@@ -4966,6 +4969,9 @@  CVE_CHECK_WHITELIST += "CVE-2020-36558"
 # cpe-stable-backport: Backported in 5.4.86
 CVE_CHECK_WHITELIST += "CVE-2020-36694"
 
+# cpe-stable-backport: Backported in 5.4.62
+CVE_CHECK_WHITELIST += "CVE-2020-36766"
+
 # cpe-stable-backport: Backported in 5.4.143
 CVE_CHECK_WHITELIST += "CVE-2020-3702"
 
@@ -6408,7 +6414,8 @@  CVE_CHECK_WHITELIST += "CVE-2022-40768"
 # cpe-stable-backport: Backported in 5.4.213
 CVE_CHECK_WHITELIST += "CVE-2022-4095"
 
-# CVE-2022-40982 has no known resolution
+# cpe-stable-backport: Backported in 5.4.252
+CVE_CHECK_WHITELIST += "CVE-2022-40982"
 
 # cpe-stable-backport: Backported in 5.4.229
 CVE_CHECK_WHITELIST += "CVE-2022-41218"
@@ -6489,9 +6496,9 @@  CVE_CHECK_WHITELIST += "CVE-2022-4382"
 # fixed-version: only affects 5.11rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2022-43945"
 
-# CVE-2022-44032 has no known resolution
+# CVE-2022-44032 needs backporting (fixed from 6.4rc1)
 
-# CVE-2022-44033 has no known resolution
+# CVE-2022-44033 needs backporting (fixed from 6.4rc1)
 
 # CVE-2022-44034 has no known resolution
 
@@ -6504,14 +6511,17 @@  CVE_CHECK_WHITELIST += "CVE-2022-45869"
 
 # CVE-2022-45885 has no known resolution
 
-# CVE-2022-45886 has no known resolution
+# cpe-stable-backport: Backported in 5.4.246
+CVE_CHECK_WHITELIST += "CVE-2022-45886"
 
-# CVE-2022-45887 has no known resolution
+# cpe-stable-backport: Backported in 5.4.246
+CVE_CHECK_WHITELIST += "CVE-2022-45887"
 
 # fixed-version: only affects 5.14rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2022-45888"
 
-# CVE-2022-45919 has no known resolution
+# cpe-stable-backport: Backported in 5.4.246
+CVE_CHECK_WHITELIST += "CVE-2022-45919"
 
 # cpe-stable-backport: Backported in 5.4.229
 CVE_CHECK_WHITELIST += "CVE-2022-45934"
@@ -6586,7 +6596,8 @@  CVE_CHECK_WHITELIST += "CVE-2023-0047"
 # fixed-version: only affects 6.0rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-0122"
 
-# CVE-2023-0160 has no known resolution
+# cpe-stable-backport: Backported in 5.4.243
+CVE_CHECK_WHITELIST += "CVE-2023-0160"
 
 # fixed-version: only affects 5.5rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-0179"
@@ -6661,12 +6672,14 @@  CVE_CHECK_WHITELIST += "CVE-2023-1192"
 
 # CVE-2023-1193 has no known resolution
 
-# CVE-2023-1194 has no known resolution
+# fixed-version: only affects 5.15rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-1194"
 
 # fixed-version: only affects 5.16rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-1195"
 
-# CVE-2023-1206 needs backporting (fixed from 6.5rc4)
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-1206"
 
 # CVE-2023-1249 needs backporting (fixed from 5.18rc1)
 
@@ -6695,7 +6708,8 @@  CVE_CHECK_WHITELIST += "CVE-2023-1513"
 # fixed-version: only affects 5.19rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-1583"
 
-# CVE-2023-1611 needs backporting (fixed from 6.3rc5)
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-1611"
 
 # cpe-stable-backport: Backported in 5.4.189
 CVE_CHECK_WHITELIST += "CVE-2023-1637"
@@ -6744,9 +6758,10 @@  CVE_CHECK_WHITELIST += "CVE-2023-2008"
 # fixed-version: only affects 5.12rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-2019"
 
-# CVE-2023-20569 has no known resolution
+# cpe-stable-backport: Backported in 5.4.252
+CVE_CHECK_WHITELIST += "CVE-2023-20569"
 
-# CVE-2023-20588 has no known resolution
+# CVE-2023-20588 needs backporting (fixed from 6.5rc6)
 
 # cpe-stable-backport: Backported in 5.4.250
 CVE_CHECK_WHITELIST += "CVE-2023-20593"
@@ -6772,7 +6787,8 @@  CVE_CHECK_WHITELIST += "CVE-2023-2124"
 # fixed-version: only affects 5.16rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-21255"
 
-# CVE-2023-21264 needs backporting (fixed from 6.4rc5)
+# fixed-version: only affects 5.17rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-21264"
 
 # CVE-2023-21400 has no known resolution
 
@@ -6866,6 +6882,9 @@  CVE_CHECK_WHITELIST += "CVE-2023-25012"
 # cpe-stable-backport: Backported in 5.4.242
 CVE_CHECK_WHITELIST += "CVE-2023-2513"
 
+# fixed-version: only affects 5.14rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-25775"
+
 # fixed-version: only affects 6.3rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-2598"
 
@@ -6918,7 +6937,8 @@  CVE_CHECK_WHITELIST += "CVE-2023-2898"
 # cpe-stable-backport: Backported in 5.4.235
 CVE_CHECK_WHITELIST += "CVE-2023-2985"
 
-# CVE-2023-3006 needs backporting (fixed from 6.1rc1)
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-3006"
 
 # Skipping CVE-2023-3022, no affected_versions
 
@@ -6940,11 +6960,11 @@  CVE_CHECK_WHITELIST += "CVE-2023-3106"
 
 # CVE-2023-31082 has no known resolution
 
-# CVE-2023-31083 has no known resolution
+# CVE-2023-31083 needs backporting (fixed from 6.6rc1)
 
 # CVE-2023-31084 needs backporting (fixed from 6.4rc3)
 
-# CVE-2023-31085 has no known resolution
+# CVE-2023-31085 needs backporting (fixed from 5.4.258)
 
 # cpe-stable-backport: Backported in 5.4.247
 CVE_CHECK_WHITELIST += "CVE-2023-3111"
@@ -7017,7 +7037,8 @@  CVE_CHECK_WHITELIST += "CVE-2023-3317"
 # cpe-stable-backport: Backported in 5.4.240
 CVE_CHECK_WHITELIST += "CVE-2023-33203"
 
-# CVE-2023-33250 has no known resolution
+# fixed-version: only affects 6.2rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-33250"
 
 # CVE-2023-33288 needs backporting (fixed from 6.3rc4)
 
@@ -7055,7 +7076,10 @@  CVE_CHECK_WHITELIST += "CVE-2023-34255"
 # cpe-stable-backport: Backported in 5.4.243
 CVE_CHECK_WHITELIST += "CVE-2023-34256"
 
-# CVE-2023-34319 has no known resolution
+# fixed-version: only affects 6.1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-34319"
+
+# CVE-2023-34324 needs backporting (fixed from 5.4.258)
 
 # fixed-version: only affects 5.15rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-3439"
@@ -7094,21 +7118,28 @@  CVE_CHECK_WHITELIST += "CVE-2023-3609"
 # fixed-version: only affects 5.9rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-3610"
 
-# CVE-2023-3611 needs backporting (fixed from 6.5rc2)
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-3611"
 
 # CVE-2023-3640 has no known resolution
 
-# CVE-2023-37453 has no known resolution
+# fixed-version: only affects 6.3rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-37453"
 
 # CVE-2023-37454 has no known resolution
 
-# CVE-2023-3772 has no known resolution
+# cpe-stable-backport: Backported in 5.4.255
+CVE_CHECK_WHITELIST += "CVE-2023-3772"
 
-# CVE-2023-3773 has no known resolution
+# fixed-version: only affects 5.17rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-3773"
 
 # cpe-stable-backport: Backported in 5.4.251
 CVE_CHECK_WHITELIST += "CVE-2023-3776"
 
+# fixed-version: only affects 5.9rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-3777"
+
 # cpe-stable-backport: Backported in 5.4.224
 CVE_CHECK_WHITELIST += "CVE-2023-3812"
 
@@ -7139,12 +7170,44 @@  CVE_CHECK_WHITELIST += "CVE-2023-38432"
 # cpe-stable-backport: Backported in 5.4.251
 CVE_CHECK_WHITELIST += "CVE-2023-3863"
 
+# fixed-version: only affects 5.15rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-3865"
+
+# fixed-version: only affects 5.15rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-3866"
+
+# fixed-version: only affects 5.15rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-3867"
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-39189"
+
+# CVE-2023-39191 needs backporting (fixed from 6.3rc1)
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-39192"
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-39193"
+
+# cpe-stable-backport: Backported in 5.4.255
+CVE_CHECK_WHITELIST += "CVE-2023-39194"
+
 # fixed-version: only affects 5.6rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-4004"
 
 # CVE-2023-4010 has no known resolution
 
-# CVE-2023-4128 needs backporting (fixed from 6.5rc5)
+# fixed-version: only affects 5.9rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4015"
+
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-40283"
+
+# CVE-2023-40791 needs backporting (fixed from 6.5rc6)
+
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-4128"
 
 # cpe-stable-backport: Backported in 5.4.251
 CVE_CHECK_WHITELIST += "CVE-2023-4132"
@@ -7156,9 +7219,97 @@  CVE_CHECK_WHITELIST += "CVE-2023-4132"
 # fixed-version: only affects 5.9rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-4147"
 
-# CVE-2023-4155 has no known resolution
+# fixed-version: only affects 5.11rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4155"
+
+# fixed-version: only affects 6.3rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4194"
+
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-4206"
+
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-4207"
 
-# CVE-2023-4194 needs backporting (fixed from 6.5rc5)
+# cpe-stable-backport: Backported in 5.4.253
+CVE_CHECK_WHITELIST += "CVE-2023-4208"
+
+# fixed-version: only affects 5.6rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4244"
 
-# CVE-2023-4273 needs backporting (fixed from 6.5rc5)
+# fixed-version: only affects 5.7rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4273"
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-42752"
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-42753"
+
+# CVE-2023-42754 needs backporting (fixed from 5.4.258)
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-42755"
+
+# fixed-version: only affects 6.4rc6 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-42756"
+
+# cpe-stable-backport: Backported in 5.4.198
+CVE_CHECK_WHITELIST += "CVE-2023-4385"
+
+# cpe-stable-backport: Backported in 5.4.196
+CVE_CHECK_WHITELIST += "CVE-2023-4387"
+
+# fixed-version: only affects 5.7rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4389"
+
+# fixed-version: only affects 5.16rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4394"
+
+# fixed-version: only affects 5.11rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-44466"
+
+# cpe-stable-backport: Backported in 5.4.196
+CVE_CHECK_WHITELIST += "CVE-2023-4459"
+
+# fixed-version: only affects 5.6rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4563"
+
+# fixed-version: only affects 5.13rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4569"
+
+# cpe-stable-backport: Backported in 5.4.235
+CVE_CHECK_WHITELIST += "CVE-2023-45862"
+
+# CVE-2023-45863 needs backporting (fixed from 6.3rc1)
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-45871"
+
+# CVE-2023-45898 needs backporting (fixed from 6.6rc1)
+
+# CVE-2023-4610 has no known resolution
+
+# fixed-version: only affects 6.4rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4611"
+
+# CVE-2023-4622 needs backporting (fixed from 6.5rc1)
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-4623"
+
+# CVE-2023-4732 needs backporting (fixed from 5.14rc1)
+
+# CVE-2023-4881 needs backporting (fixed from 6.6rc1)
+
+# cpe-stable-backport: Backported in 5.4.257
+CVE_CHECK_WHITELIST += "CVE-2023-4921"
+
+# CVE-2023-5158 has no known resolution
+
+# fixed-version: only affects 5.9rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-5197"
+
+# fixed-version: only affects 6.1rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-5345"