MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-07-05 05:04:44 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

linux/cve-exclusion: Execute the script after changing to the new data source

Browse Source 
Execute new script generate-cve-exclusions.py
./generate-cve-exclusions.py ~/cvelistV5/ 6.12.19 > cve-exclusion_6.12.inc

After using the database from CVEproject, some old
CVEs did not have correct metadata, therefore moving missing ones
from old cve-exclusions_6.12.inc into cve-exclusion.inc

Comparing output from cve_check before and after, two CVEs are removed:
CVE-2023-52904 and CVE-2024-38381

(From OE-Core rev: ec9a04c6e86efe9d5351eb7956cfc3e94bcdc09a)

Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8a7af09febc28477094de0999ab6321d910811b2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Daniel Turull 2025-04-11 08:40:15 +02:00 committed by Steve Sakoman
parent df999dc19d
commit 96dcd24e64
2 changed files with 7931 additions and 5283 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
meta/recipes-kernel/linux/cve-exclusion.inc
View File

@ -32,3 +32,121 @@ CVE_STATUS[CVE-2020-11935] = "not-applicable-config: Issue only affects aufs, wh
CVE_STATUS[CVE-2023-23005] = "disputed: There are no realistic cases \
in which a user can cause the alloc_memory_type error case to be reached. \
See: https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2"
# Old CVES taken before using new data from kernel CNA
CVE_STATUS[CVE-2014-8171] = "fixed-version: Fixed from version 3.12rc1"
CVE_STATUS[CVE-2017-1000255] = "fixed-version: Fixed from version 4.14rc5"
CVE_STATUS[CVE-2018-10840] = "fixed-version: Fixed from version 4.18rc1"
CVE_STATUS[CVE-2018-10876] = "fixed-version: Fixed from version 4.18rc4"
CVE_STATUS[CVE-2018-10882] = "fixed-version: Fixed from version 4.18rc4"
CVE_STATUS[CVE-2018-10902] = "fixed-version: Fixed from version 4.18rc6"
CVE_STATUS[CVE-2018-14625] = "fixed-version: Fixed from version 4.20rc6"
CVE_STATUS[CVE-2019-3016] = "fixed-version: Fixed from version 5.6rc1"
CVE_STATUS[CVE-2019-3819] = "fixed-version: Fixed from version 5.0rc6"
CVE_STATUS[CVE-2019-3887] = "fixed-version: Fixed from version 5.1rc4"
CVE_STATUS[CVE-2020-10742] = "fixed-version: Fixed from version 3.16rc1"
CVE_STATUS[CVE-2020-16119] = "fixed-version: Fixed from version 5.15rc2"
CVE_STATUS[CVE-2020-1749] = "fixed-version: Fixed from version 5.5rc1"
CVE_STATUS[CVE-2020-25672] = "fixed-version: Fixed from version 5.12rc7"
CVE_STATUS[CVE-2020-27815] = "fixed-version: Fixed from version 5.11rc1"
CVE_STATUS[CVE-2020-8834] = "fixed-version: Fixed from version 4.18rc1"
CVE_STATUS[CVE-2021-20194] = "fixed-version: Fixed from version 5.10rc1"
CVE_STATUS[CVE-2021-20265] = "fixed-version: Fixed from version 4.5rc3"
CVE_STATUS[CVE-2021-3564] = "fixed-version: Fixed from version 5.13rc5"
CVE_STATUS[CVE-2021-3669] = "fixed-version: Fixed from version 5.15rc1"
CVE_STATUS[CVE-2021-3759] = "fixed-version: Fixed from version 5.15rc1"
CVE_STATUS[CVE-2021-4218] = "fixed-version: Fixed from version 5.8rc1"
CVE_STATUS[CVE-2022-0286] = "fixed-version: Fixed from version 5.14rc2"
CVE_STATUS[CVE-2022-1462] = "fixed-version: Fixed from version 5.19rc7"
CVE_STATUS[CVE-2022-2308] = "fixed-version: Fixed from version 6.0"
CVE_STATUS[CVE-2022-2327] = "fixed-version: Fixed from version 5.12rc1"
CVE_STATUS[CVE-2022-2663] = "fixed-version: Fixed from version 6.0rc5"
CVE_STATUS[CVE-2022-2785] = "fixed-version: Fixed from version 6.0rc1"
CVE_STATUS[CVE-2022-3435] = "fixed-version: Fixed from version 6.1rc1"
CVE_STATUS[CVE-2022-3523] = "fixed-version: Fixed from version 6.1rc1"
CVE_STATUS[CVE-2022-3534] = "fixed-version: Fixed from version 6.2rc1"
CVE_STATUS[CVE-2022-3566] = "fixed-version: Fixed from version 6.1rc1"
CVE_STATUS[CVE-2022-3567] = "fixed-version: Fixed from version 6.1rc1"
CVE_STATUS[CVE-2022-3619] = "fixed-version: Fixed from version 6.1rc4"
CVE_STATUS[CVE-2022-3621] = "fixed-version: Fixed from version 6.1rc1"
CVE_STATUS[CVE-2022-3624] = "fixed-version: Fixed from version 6.0rc1"
CVE_STATUS[CVE-2022-3629] = "fixed-version: Fixed from version 6.0rc1"
CVE_STATUS[CVE-2022-3630] = "fixed-version: Fixed from version 6.0rc1"
CVE_STATUS[CVE-2022-3633] = "fixed-version: Fixed from version 6.0rc1"
CVE_STATUS[CVE-2022-3636] = "fixed-version: Fixed from version 5.19rc1"
CVE_STATUS[CVE-2022-36402] = "fixed-version: Fixed from version 6.5"
CVE_STATUS[CVE-2022-3646] = "fixed-version: Fixed from version 6.1rc1"
CVE_STATUS[CVE-2022-42895] = "fixed-version: Fixed from version 6.1rc4"
CVE_STATUS[CVE-2022-4382] = "fixed-version: Fixed from version 6.2rc5"
CVE_STATUS[CVE-2023-1073] = "fixed-version: Fixed from version 6.2rc5"
CVE_STATUS[CVE-2023-1074] = "fixed-version: Fixed from version 6.2rc6"
CVE_STATUS[CVE-2023-1075] = "fixed-version: Fixed from version 6.2rc7"
CVE_STATUS[CVE-2023-1076] = "fixed-version: Fixed from version 6.3rc1"
CVE_STATUS[CVE-2023-2898] = "fixed-version: Fixed from version 6.5rc1"
CVE_STATUS[CVE-2023-3772] = "fixed-version: Fixed from version 6.5rc7"
CVE_STATUS[CVE-2023-3773] = "fixed-version: Fixed from version 6.5rc7"
CVE_STATUS[CVE-2023-4155] = "fixed-version: Fixed from version 6.5rc6"
CVE_STATUS[CVE-2023-6176] = "fixed-version: Fixed from version 6.6rc2"
CVE_STATUS[CVE-2023-6270] = "cpe-stable-backport: Backported in 6.6.23"
CVE_STATUS[CVE-2023-6610] = "cpe-stable-backport: Backported in 6.6.13"
CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
CVE_STATUS[CVE-2023-7042] = "cpe-stable-backport: Backported in 6.6.23"
CVE_STATUS[CVE-2024-0193] = "cpe-stable-backport: Backported in 6.6.10"

13096
meta/recipes-kernel/linux/cve-exclusion_6.12.inc
View File

File diff suppressed because it is too large Load Diff