diff mbox series

[nanbield,2/2] linux-yocto/6.1: update CVE exclusions

Message ID 20240221024035.3238705-2-bruce.ashfield@gmail.com
State Accepted
Delegated to: Steve Sakoman
Headers show
Series [nanbield,1/2] linux-yocto/6.1: update to v6.1.78 | expand

Commit Message

Bruce Ashfield Feb. 21, 2024, 2:40 a.m. UTC 
From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/nluedtke/linux_kernel_cves

    1/1 [
        Author: Nicholas Luedtke
        Email: nicholas.luedtke@uwalumni.com
        Subject: Update 9Feb24
        Date: Fri, 9 Feb 2024 18:02:45 -0500

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.1.inc               | 104 ++++++++++++++++--
 1 file changed, 93 insertions(+), 11 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 45fcc7b260..cb48e4d88d 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,9 +1,9 @@ 
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2024-01-18 21:10:06.148505+00:00 for version 6.1.73
+# Generated at 2024-02-21 02:22:41.710563+00:00 for version 6.1.78
 
 python check_kernel_cve_status_version() {
-    this_version = "6.1.73"
+    this_version = "6.1.78"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -3668,6 +3668,10 @@  CVE_STATUS[CVE-2021-3348] = "fixed-version: Fixed from version 5.11rc6"
 
 CVE_STATUS[CVE-2021-33624] = "fixed-version: Fixed from version 5.13rc7"
 
+CVE_STATUS[CVE-2021-33630] = "fixed-version: Fixed from version 5.4rc1"
+
+CVE_STATUS[CVE-2021-33631] = "cpe-stable-backport: Backported in 6.1.4"
+
 CVE_STATUS[CVE-2021-33655] = "fixed-version: Fixed from version 5.19rc6"
 
 CVE_STATUS[CVE-2021-33656] = "fixed-version: Fixed from version 5.12rc1"
@@ -4420,7 +4424,7 @@  CVE_STATUS[CVE-2022-3636] = "fixed-version: Fixed from version 5.19rc1"
 
 CVE_STATUS[CVE-2022-3640] = "fixed-version: Fixed from version 6.1rc4"
 
-# CVE-2022-36402 has no known resolution
+CVE_STATUS[CVE-2022-36402] = "cpe-stable-backport: Backported in 6.1.50"
 
 # CVE-2022-3642 has no known resolution
 
@@ -4958,7 +4962,7 @@  CVE_STATUS[CVE-2023-35824] = "cpe-stable-backport: Backported in 6.1.28"
 
 CVE_STATUS[CVE-2023-35826] = "cpe-stable-backport: Backported in 6.1.28"
 
-# CVE-2023-35827 needs backporting (fixed from 6.1.59)
+CVE_STATUS[CVE-2023-35827] = "cpe-stable-backport: Backported in 6.1.59"
 
 CVE_STATUS[CVE-2023-35828] = "cpe-stable-backport: Backported in 6.1.28"
 
@@ -5032,7 +5036,7 @@  CVE_STATUS[CVE-2023-4015] = "cpe-stable-backport: Backported in 6.1.43"
 
 CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45"
 
-# CVE-2023-40791 needs backporting (fixed from 6.5rc6)
+CVE_STATUS[CVE-2023-40791] = "fixed-version: only affects 6.3rc1 onwards"
 
 CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45"
 
@@ -5100,9 +5104,15 @@  CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
 
 CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.1.53"
 
-# CVE-2023-46813 needs backporting (fixed from 6.1.60)
+CVE_STATUS[CVE-2023-46343] = "cpe-stable-backport: Backported in 6.1.60"
+
+CVE_STATUS[CVE-2023-46813] = "cpe-stable-backport: Backported in 6.1.60"
 
-# CVE-2023-46862 needs backporting (fixed from 6.6)
+CVE_STATUS[CVE-2023-46838] = "cpe-stable-backport: Backported in 6.1.75"
+
+CVE_STATUS[CVE-2023-46862] = "cpe-stable-backport: Backported in 6.1.61"
+
+# CVE-2023-47233 has no known resolution
 
 CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1"
 
@@ -5110,10 +5120,14 @@  CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54"
 
 CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54"
 
-# CVE-2023-50431 has no known resolution
+CVE_STATUS[CVE-2023-50431] = "cpe-stable-backport: Backported in 6.1.75"
 
 CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62"
 
+CVE_STATUS[CVE-2023-51042] = "cpe-stable-backport: Backported in 6.1.47"
+
+CVE_STATUS[CVE-2023-51043] = "cpe-stable-backport: Backported in 6.1.40"
+
 CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57"
 
 CVE_STATUS[CVE-2023-51779] = "cpe-stable-backport: Backported in 6.1.70"
@@ -5128,11 +5142,13 @@  CVE_STATUS[CVE-2023-51782] = "cpe-stable-backport: Backported in 6.1.69"
 
 CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56"
 
+CVE_STATUS[CVE-2023-52340] = "cpe-stable-backport: Backported in 6.1.73"
+
 CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56"
 
 CVE_STATUS[CVE-2023-5633] = "fixed-version: only affects 6.2 onwards"
 
-# CVE-2023-5717 needs backporting (fixed from 6.1.60)
+CVE_STATUS[CVE-2023-5717] = "cpe-stable-backport: Backported in 6.1.60"
 
 CVE_STATUS[CVE-2023-5972] = "fixed-version: only affects 6.2rc1 onwards"
 
@@ -5146,8 +5162,12 @@  CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65"
 
 CVE_STATUS[CVE-2023-6176] = "cpe-stable-backport: Backported in 6.1.54"
 
+CVE_STATUS[CVE-2023-6200] = "fixed-version: only affects 6.6rc1 onwards"
+
 # CVE-2023-6238 has no known resolution
 
+# CVE-2023-6240 has no known resolution
+
 # CVE-2023-6270 has no known resolution
 
 # CVE-2023-6356 has no known resolution
@@ -5164,7 +5184,7 @@  CVE_STATUS[CVE-2023-6546] = "cpe-stable-backport: Backported in 6.1.47"
 
 CVE_STATUS[CVE-2023-6606] = "cpe-stable-backport: Backported in 6.1.70"
 
-# CVE-2023-6610 needs backporting (fixed from 6.7rc7)
+CVE_STATUS[CVE-2023-6610] = "cpe-stable-backport: Backported in 6.1.74"
 
 CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68"
 
@@ -5172,6 +5192,8 @@  CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
 
 CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68"
 
+CVE_STATUS[CVE-2023-6915] = "cpe-stable-backport: Backported in 6.1.74"
+
 CVE_STATUS[CVE-2023-6931] = "cpe-stable-backport: Backported in 6.1.68"
 
 CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.1.66"
@@ -5186,5 +5208,65 @@  CVE_STATUS[CVE-2024-0193] = "fixed-version: only affects 6.5rc6 onwards"
 
 CVE_STATUS[CVE-2024-0443] = "fixed-version: only affects 6.2rc1 onwards"
 
-# Skipping dd=CVE-2023-1476, no affected_versions
+CVE_STATUS[CVE-2024-0562] = "fixed-version: Fixed from version 6.0rc3"
+
+# CVE-2024-0564 has no known resolution
+
+CVE_STATUS[CVE-2024-0565] = "cpe-stable-backport: Backported in 6.1.69"
+
+CVE_STATUS[CVE-2024-0582] = "fixed-version: only affects 6.4rc1 onwards"
+
+CVE_STATUS[CVE-2024-0584] = "cpe-stable-backport: Backported in 6.1.66"
+
+CVE_STATUS[CVE-2024-0607] = "cpe-stable-backport: Backported in 6.1.64"
+
+CVE_STATUS[CVE-2024-0639] = "cpe-stable-backport: Backported in 6.1.39"
+
+CVE_STATUS[CVE-2024-0641] = "cpe-stable-backport: Backported in 6.1.57"
+
+CVE_STATUS[CVE-2024-0646] = "cpe-stable-backport: Backported in 6.1.69"
+
+CVE_STATUS[CVE-2024-0775] = "cpe-stable-backport: Backported in 6.1.29"
+
+# CVE-2024-0841 has no known resolution
+
+CVE_STATUS[CVE-2024-1085] = "cpe-stable-backport: Backported in 6.1.75"
+
+CVE_STATUS[CVE-2024-1086] = "cpe-stable-backport: Backported in 6.1.76"
+
+# CVE-2024-1312 needs backporting (fixed from 6.5rc4)
+
+# CVE-2024-21803 has no known resolution
+
+# CVE-2024-22099 has no known resolution
+
+# CVE-2024-22386 has no known resolution
+
+CVE_STATUS[CVE-2024-22705] = "cpe-stable-backport: Backported in 6.1.71"
+
+# CVE-2024-23196 has no known resolution
+
+# CVE-2024-23307 has no known resolution
+
+# CVE-2024-23848 has no known resolution
+
+CVE_STATUS[CVE-2024-23849] = "cpe-stable-backport: Backported in 6.1.76"
+
+# CVE-2024-23850 has no known resolution
+
+# CVE-2024-23851 has no known resolution
+
+# CVE-2024-24855 has no known resolution
+
+# CVE-2024-24857 has no known resolution
+
+# CVE-2024-24858 has no known resolution
+
+# CVE-2024-24859 has no known resolution
+
+# CVE-2024-24860 has no known resolution
+
+# CVE-2024-24861 has no known resolution
+
+# CVE-2024-24864 has no known resolution