cve-exclusions: correct cve status for 5 entries

Message ID	20250426161929.3492087-1-daniel.turull@ericsson.com
State	Accepted, archived
Commit	fc3e32bc4cf79ddce0eb9fa409656de4dc0e00ea
Headers	show Return-Path: <daniel.turull@ericsson.com> ip: 40.107.20.52, mailfrom: edaturu@ericsson.com) Received-SPF: Pass (protection.outlook.com: domain of ericsson.com designates 192.176.1.74 as permitted sender) receiver=protection.outlook.com; client-ip=192.176.1.74; helo=oa.msg.ericsson.com; pr=C From: <daniel.turull@ericsson.com> To: <openembedded-core@lists.openembedded.org> CC: <Peter.Marko@siemens.com>, Daniel Turull <daniel.turull@ericsson.com> Subject: [PATCH] cve-exclusions: correct cve status for 5 entries Date: Sat, 26 Apr 2025 18:19:29 +0200 Message-ID: <20250426161929.3492087-1-daniel.turull@ericsson.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain
Series	cve-exclusions: correct cve status for 5 entries \| expand cve-exclusions: correct cve status for 5 entries

Message ID

20250426161929.3492087-1-daniel.turull@ericsson.com

State

Accepted, archived

Commit

fc3e32bc4cf79ddce0eb9fa409656de4dc0e00ea

Headers

Received-SPF: Pass (protection.outlook.com: domain of ericsson.com designates
 192.176.1.74 as permitted sender) receiver=protection.outlook.com;
 client-ip=192.176.1.74; helo=oa.msg.ericsson.com; pr=C
From: <daniel.turull@ericsson.com>
To: <openembedded-core@lists.openembedded.org>
CC: <Peter.Marko@siemens.com>, Daniel Turull <daniel.turull@ericsson.com>
Subject: [PATCH] cve-exclusions: correct cve status for 5 entries
Date: Sat, 26 Apr 2025 18:19:29 +0200
Message-ID: <20250426161929.3492087-1-daniel.turull@ericsson.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Apr 2025 16:20:45.0418
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 3a6ed021-2ea3-4ea8-ad0d-08dd84de4c20
X-MS-Exchange-CrossTenant-Id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=92e84ceb-fbfd-47ab-be52-080c6b87953f;Ip=[192.176.1.74];Helo=[oa.msg.ericsson.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	DU6PEPF00009524.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR07MB7555
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Sat, 26 Apr 2025 16:20:52 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/215520

Series

cve-exclusions: correct cve status for 5 entries | expand

Commit Message

Daniel Turull April 26, 2025, 4:19 p.m. UTC

From: Daniel Turull <daniel.turull@ericsson.com>

In commit 8a7af09feb the CVE_STATUS was copy from the old data
for 6.6 kernel, which had backport information.
Correcting status to when the fix was introduced and adding
references to the fixes.

Fixes: 8a7af09febc28477094de0999ab6321d910811b2
Reported-by: Peter Marko <Peter.Marko@siemens.com>
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
---
 meta/recipes-kernel/linux/cve-exclusion.inc | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion.inc b/meta/recipes-kernel/linux/cve-exclusion.inc
index 5f96a81bdd..f1b7db44b6 100644
--- a/meta/recipes-kernel/linux/cve-exclusion.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion.inc
@@ -141,12 +141,17 @@  CVE_STATUS[CVE-2023-4155] = "fixed-version: Fixed from version 6.5rc6"
 
 CVE_STATUS[CVE-2023-6176] = "fixed-version: Fixed from version 6.6rc2"
 
-CVE_STATUS[CVE-2023-6270] = "cpe-stable-backport: Backported in 6.6.23"
+# Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f98364e926626c678fb4b9004b75cacf92ff0662
+CVE_STATUS[CVE-2023-6270] = "fixed-version: Fixed from 6.9"
 
-CVE_STATUS[CVE-2023-6610] = "cpe-stable-backport: Backported in 6.6.13"
+# Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=567320c46a60a3c39b69aa1df802d753817a3f86
+CVE_STATUS[CVE-2023-6610] = "fixed-version: Fixed from 6.7rc7"
 
-CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=65c95f78917ea6fa7ff189a2c19879c4fe161873
+CVE_STATUS[CVE-2023-6679] = "fixed-version: Fixed from 6.7rc6"
 
-CVE_STATUS[CVE-2023-7042] = "cpe-stable-backport: Backported in 6.6.23"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ad25ee36f00172f7d53242dc77c69fff7ced0755
+CVE_STATUS[CVE-2023-7042] = "fixed-version: Fixed from 6.9rc1"
 
-CVE_STATUS[CVE-2024-0193] = "cpe-stable-backport: Backported in 6.6.10"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a
+CVE_STATUS[CVE-2024-0193] = "fixed-version: Fixed from 6.7"

cve-exclusions: correct cve status for 5 entries

Commit Message

Patch