[meta,02/15] linux-yocto/6.18: update CVE exclusions (6.18.20)

Message ID	20260423153222.1932256-3-bruce.ashfield@gmail.com
State	New
Headers	show Return-Path: <bruce.ashfield@gmail.com> ip: 209.85.219.52, mailfrom: bruce.ashfield@gmail.com) From: bruce.ashfield@gmail.com To: richard.purdie@linuxfoundation.org Cc: openembedded-core@lists.openembedded.org Subject: [meta][PATCH 02/15] linux-yocto/6.18: update CVE exclusions (6.18.20) Date: Thu, 23 Apr 2026 11:32:09 -0400 Message-ID: <20260423153222.1932256-3-bruce.ashfield@gmail.com> In-Reply-To: <20260423153222.1932256-1-bruce.ashfield@gmail.com> References: <20260423153222.1932256-1-bruce.ashfield@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	linux-yocto: -stable updates \| expand [0/15] linux-yocto: -stable updates [meta,01/15] linux-yocto/6.18: update to v6.18.20 [meta,02/15] linux-yocto/6.18: update CVE exclusions (6.18.20) [meta,03/15] linux-yocto/6.18: update to v6.18.21 [meta,04/15] linux-yocto/6.18: update CVE exclusions (6.18.21) [meta,05/15] linux-yocto/6.18: update to v6.18.22 [meta,06/15] linux-yocto/6.18: update CVE exclusions (6.18.22) [meta,07/15] linux-yocto/6.18: update to v6.18.23 [meta,08/15] linux-yocto/6.18: update CVE exclusions (6.18.23) [meta,09/15] linux-yocto/6.18: update to v6.18.24 [meta,10/15] linux-yocto/6.18: update CVE exclusions (6.18.24) [meta-yocto-bsp,11/15] yocto-bsps: update to v6.18.20 [meta-yocto-bsp,12/15] yocto-bsps: update to v6.18.21 [meta-yocto-bsp,13/15] yocto-bsps: update to v6.18.22 [meta-yocto-bsp,14/15] yocto-bsps: update to v6.18.23 [meta-yocto-bsp,15/15] yocto-bsps: update to v6.18.24

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc index 73b93ff135..8f458e9d10 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc @@ -1,11 +1,11 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2026-03-23 02:14:01.393507+00:00 for kernel version 6.18.19 -# From linux_kernel_cves cve_2026-03-23_0100Z +# Generated at 2026-03-27 19:44:12.925073+00:00 for kernel version 6.18.20 +# From linux_kernel_cves cve_2026-03-27_1900Z-1-g663ca5d2278 python check_kernel_cve_status_version() { - this_version = "6.18.19" + this_version = "6.18.20" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -2770,8 +2770,6 @@ CVE_STATUS[CVE-2022-49265] = "fixed-version: Fixed from version 5.18" CVE_STATUS[CVE-2022-49266] = "fixed-version: Fixed from version 5.18" -CVE_STATUS[CVE-2022-49267] = "fixed-version: Fixed from version 5.18" - CVE_STATUS[CVE-2022-49268] = "fixed-version: Fixed from version 5.18" CVE_STATUS[CVE-2022-49269] = "fixed-version: Fixed from version 5.18" @@ -9916,8 +9914,6 @@ CVE_STATUS[CVE-2024-27040] = "fixed-version: Fixed from version 6.9" CVE_STATUS[CVE-2024-27041] = "fixed-version: Fixed from version 6.9" -CVE_STATUS[CVE-2024-27042] = "fixed-version: Fixed from version 6.9" - CVE_STATUS[CVE-2024-27043] = "fixed-version: Fixed from version 6.9" CVE_STATUS[CVE-2024-27044] = "fixed-version: Fixed from version 6.9" @@ -21040,3 +21036,245 @@ CVE_STATUS[CVE-2026-23277] = "cpe-stable-backport: Backported in 6.18.19" CVE_STATUS[CVE-2026-23278] = "cpe-stable-backport: Backported in 6.18.19" +CVE_STATUS[CVE-2026-23279] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23280] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23281] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23282] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23283] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23284] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23285] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23286] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23287] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23288] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23289] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23290] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23291] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23292] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23293] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23294] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23295] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23296] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23297] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23298] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23299] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23300] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23301] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23302] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23303] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23304] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23305] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23306] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23307] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23308] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23309] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23310] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23311] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23312] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23313] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23314] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23315] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23316] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23317] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23318] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23319] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23320] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23321] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23322] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23323] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23324] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23325] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23326] = "cpe-stable-backport: Backported in 6.18.17" + +# CVE-2026-23327 needs backporting (fixed from 7.0rc2) + +# CVE-2026-23328 needs backporting (fixed from 7.0rc3) + +CVE_STATUS[CVE-2026-23329] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23330] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23331] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23332] = "cpe-stable-backport: Backported in 6.18.17" + +# CVE-2026-23333 has no known resolution + +CVE_STATUS[CVE-2026-23334] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23335] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23336] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23337] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23338] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23339] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23340] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23341] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23342] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23343] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23344] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23345] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23346] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23347] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23348] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23349] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23350] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23351] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23352] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23353] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23354] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23355] = "cpe-stable-backport: Backported in 6.18.18" + +CVE_STATUS[CVE-2026-23356] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23357] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23358] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23359] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23360] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23361] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23362] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23363] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23364] = "cpe-stable-backport: Backported in 6.18.19" + +CVE_STATUS[CVE-2026-23365] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23366] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23367] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23368] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23369] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23370] = "cpe-stable-backport: Backported in 6.18.17" + +# CVE-2026-23371 needs backporting (fixed from 7.0rc3) + +CVE_STATUS[CVE-2026-23372] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23373] = "cpe-stable-backport: Backported in 6.18.17" + +# CVE-2026-23374 needs backporting (fixed from 7.0rc3) + +CVE_STATUS[CVE-2026-23375] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23376] = "cpe-stable-backport: Backported in 6.18.17" + +# CVE-2026-23377 needs backporting (fixed from 7.0rc3) + +CVE_STATUS[CVE-2026-23378] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23379] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23380] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23381] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23382] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23383] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23384] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23385] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23386] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23387] = "cpe-stable-backport: Backported in 6.18.17" + +CVE_STATUS[CVE-2026-23388] = "cpe-stable-backport: Backported in 6.18.17" + +# CVE-2026-23389 needs backporting (fixed from 7.0rc3) + +CVE_STATUS[CVE-2026-23390] = "cpe-stable-backport: Backported in 6.18.13" + +CVE_STATUS[CVE-2026-23391] = "cpe-stable-backport: Backported in 6.18.20" + +CVE_STATUS[CVE-2026-23392] = "cpe-stable-backport: Backported in 6.18.20" + +CVE_STATUS[CVE-2026-23393] = "cpe-stable-backport: Backported in 6.18.20" + +# CVE-2026-23394 needs backporting (fixed from 7.0rc5) + +CVE_STATUS[CVE-2026-23395] = "cpe-stable-backport: Backported in 6.18.20" + +CVE_STATUS[CVE-2026-23396] = "cpe-stable-backport: Backported in 6.18.20" + +CVE_STATUS[CVE-2026-23397] = "cpe-stable-backport: Backported in 6.18.20" + +CVE_STATUS[CVE-2026-23398] = "cpe-stable-backport: Backported in 6.18.20" + +# CVE-2026-31788 has no known resolution +

[meta,02/15] linux-yocto/6.18: update CVE exclusions (6.18.20)

Commit Message

Patch