[openembedded-core,whinlatter,14/18] linux-yocto/6.12: update CVE exclusions (6.12.80)

Message ID	20260423154509.1933646-15-bruce.ashfield@gmail.com
State	New
Headers	show Return-Path: <bruce.ashfield@gmail.com> ip: 209.85.160.170, mailfrom: bruce.ashfield@gmail.com) From: bruce.ashfield@gmail.com To: yoann.congal@smile.fr Cc: openembedded-core@lists.openembedded.org Subject: [openembedded-core][whinlatter][PATCH 14/18] linux-yocto/6.12: update CVE exclusions (6.12.80) Date: Thu, 23 Apr 2026 11:45:05 -0400 Message-ID: <20260423154509.1933646-15-bruce.ashfield@gmail.com> In-Reply-To: <20260423154509.1933646-1-bruce.ashfield@gmail.com> References: <20260423154509.1933646-1-bruce.ashfield@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	linux-yocto: stable updates to 6.12 \| expand [whinlatter,0/18] linux-yocto: stable updates to 6.12 [openembedded-core,whinlatter,01/18] linux-yocto/6.12: update to v6.12.72 [openembedded-core,whinlatter,02/18] linux-yocto/6.12: update CVE exclusions (6.12.72) [openembedded-core,whinlatter,03/18] linux-yocto/6.12: update to v6.12.73 [openembedded-core,whinlatter,04/18] linux-yocto/6.12: update CVE exclusions (6.12.73) [openembedded-core,whinlatter,05/18] linux-yocto/6.12: update to v6.12.74 [openembedded-core,whinlatter,06/18] linux-yocto/6.12: update CVE exclusions (6.12.74) [openembedded-core,whinlatter,07/18] linux-yocto/6.12: update to v6.12.76 [openembedded-core,whinlatter,08/18] linux-yocto/6.12: update CVE exclusions (6.12.76) [openembedded-core,whinlatter,09/18] linux-yocto/6.12: update to v6.12.77 [openembedded-core,whinlatter,10/18] linux-yocto/6.12: update CVE exclusions (6.12.77) [openembedded-core,whinlatter,11/18] linux-yocto/6.12: update to v6.12.79 [openembedded-core,whinlatter,12/18] linux-yocto/6.12: update CVE exclusions (6.12.79) [openembedded-core,whinlatter,13/18] linux-yocto/6.12: update to v6.12.80 [openembedded-core,whinlatter,14/18] linux-yocto/6.12: update CVE exclusions (6.12.80) [openembedded-core,whinlatter,15/18] linux-yocto/6.12: update to v6.12.81 [openembedded-core,whinlatter,16/18] linux-yocto/6.12: update CVE exclusions (6.12.81) [openembedded-core,whinlatter,17/18] linux-yocto/6.12: update to v6.12.83 [openembedded-core,whinlatter,18/18] linux-yocto/6.12: update CVE exclusions (6.12.83)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc index bba789c9e5..e4e81ee492 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc @@ -1,11 +1,11 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2026-03-27 19:55:47.691205+00:00 for kernel version 6.12.79 -# From linux_kernel_cves cve_2026-03-27_1900Z-2-gb6d5823e23a +# Generated at 2026-04-08 14:59:27.074934+00:00 for kernel version 6.12.80 +# From linux_kernel_cves cve_2026-04-08_1400Z python check_kernel_cve_status_version() { - this_version = "6.12.79" + this_version = "6.12.80" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -16110,9 +16110,9 @@ CVE_STATUS[CVE-2025-22114] = "fixed-version: only affects 6.14 onwards" CVE_STATUS[CVE-2025-22115] = "cpe-stable-backport: Backported in 6.12.40" -# CVE-2025-22116 needs backporting (fixed from 6.15) +CVE_STATUS[CVE-2025-22116] = "cpe-stable-backport: Backported in 6.12.80" -# CVE-2025-22117 needs backporting (fixed from 6.15) +CVE_STATUS[CVE-2025-22117] = "cpe-stable-backport: Backported in 6.12.80" CVE_STATUS[CVE-2025-22118] = "fixed-version: only affects 6.13 onwards" @@ -19248,7 +19248,7 @@ CVE_STATUS[CVE-2025-40216] = "cpe-stable-backport: Backported in 6.12.36" CVE_STATUS[CVE-2025-40218] = "cpe-stable-backport: Backported in 6.12.54" -CVE_STATUS[CVE-2025-40219] = "cpe-stable-backport: Backported in 6.12.54" +CVE_STATUS[CVE-2025-40219] = "cpe-stable-backport: Backported in 6.12.75" CVE_STATUS[CVE-2025-40220] = "cpe-stable-backport: Backported in 6.12.54" @@ -19554,7 +19554,7 @@ CVE_STATUS[CVE-2025-68173] = "cpe-stable-backport: Backported in 6.12.58" # CVE-2025-68174 needs backporting (fixed from 6.18) -# CVE-2025-68175 needs backporting (fixed from 6.18) +CVE_STATUS[CVE-2025-68175] = "cpe-stable-backport: Backported in 6.12.80" CVE_STATUS[CVE-2025-68176] = "cpe-stable-backport: Backported in 6.12.58" @@ -19958,7 +19958,7 @@ CVE_STATUS[CVE-2025-68734] = "cpe-stable-backport: Backported in 6.12.59" # CVE-2025-68735 needs backporting (fixed from 6.19) -# CVE-2025-68736 needs backporting (fixed from 6.19) +CVE_STATUS[CVE-2025-68736] = "cpe-stable-backport: Backported in 6.12.80" CVE_STATUS[CVE-2025-68737] = "fixed-version: only affects 6.18 onwards" @@ -20108,8 +20108,6 @@ CVE_STATUS[CVE-2025-68810] = "cpe-stable-backport: Backported in 6.12.64" CVE_STATUS[CVE-2025-68811] = "cpe-stable-backport: Backported in 6.12.64" -CVE_STATUS[CVE-2025-68812] = "fixed-version: only affects 6.15 onwards" - CVE_STATUS[CVE-2025-68813] = "cpe-stable-backport: Backported in 6.12.64" CVE_STATUS[CVE-2025-68814] = "cpe-stable-backport: Backported in 6.12.64" @@ -20440,7 +20438,7 @@ CVE_STATUS[CVE-2026-22979] = "cpe-stable-backport: Backported in 6.12.66" CVE_STATUS[CVE-2026-22980] = "cpe-stable-backport: Backported in 6.12.66" -# CVE-2026-22981 needs backporting (fixed from 6.19) +CVE_STATUS[CVE-2026-22981] = "cpe-stable-backport: Backported in 6.12.80" CVE_STATUS[CVE-2026-22982] = "cpe-stable-backport: Backported in 6.12.66" @@ -20448,7 +20446,7 @@ CVE_STATUS[CVE-2026-22983] = "fixed-version: only affects 6.18.4 onwards" CVE_STATUS[CVE-2026-22984] = "cpe-stable-backport: Backported in 6.12.66" -# CVE-2026-22985 needs backporting (fixed from 6.19) +CVE_STATUS[CVE-2026-22985] = "cpe-stable-backport: Backported in 6.12.80" # CVE-2026-22986 needs backporting (fixed from 6.19) @@ -20464,7 +20462,7 @@ CVE_STATUS[CVE-2026-22991] = "cpe-stable-backport: Backported in 6.12.66" CVE_STATUS[CVE-2026-22992] = "cpe-stable-backport: Backported in 6.12.66" -# CVE-2026-22993 needs backporting (fixed from 6.19) +CVE_STATUS[CVE-2026-22993] = "cpe-stable-backport: Backported in 6.12.80" CVE_STATUS[CVE-2026-22994] = "cpe-stable-backport: Backported in 6.12.66" @@ -20892,13 +20890,13 @@ CVE_STATUS[CVE-2026-23205] = "cpe-stable-backport: Backported in 6.12.70" CVE_STATUS[CVE-2026-23206] = "cpe-stable-backport: Backported in 6.12.70" -CVE_STATUS[CVE-2026-23207] = "fixed-version: only affects 6.18.2 onwards" +CVE_STATUS[CVE-2026-23207] = "cpe-stable-backport: Backported in 6.12.80" # CVE-2026-23208 needs backporting (fixed from 6.19) CVE_STATUS[CVE-2026-23209] = "cpe-stable-backport: Backported in 6.12.70" -# CVE-2026-23210 needs backporting (fixed from 6.19) +CVE_STATUS[CVE-2026-23210] = "cpe-stable-backport: Backported in 6.12.80" CVE_STATUS[CVE-2026-23211] = "fixed-version: only affects 6.18 onwards" @@ -20988,7 +20986,7 @@ CVE_STATUS[CVE-2026-23253] = "cpe-stable-backport: Backported in 6.12.77" CVE_STATUS[CVE-2026-23254] = "cpe-stable-backport: Backported in 6.12.70" -# CVE-2026-23255 needs backporting (fixed from 6.19) +CVE_STATUS[CVE-2026-23255] = "cpe-stable-backport: Backported in 6.12.80" CVE_STATUS[CVE-2026-23256] = "cpe-stable-backport: Backported in 6.12.70" @@ -21118,8 +21116,6 @@ CVE_STATUS[CVE-2026-23318] = "cpe-stable-backport: Backported in 6.12.77" CVE_STATUS[CVE-2026-23319] = "cpe-stable-backport: Backported in 6.12.77" -# CVE-2026-23320 needs backporting (fixed from 7.0rc1) - CVE_STATUS[CVE-2026-23321] = "cpe-stable-backport: Backported in 6.12.78" CVE_STATUS[CVE-2026-23322] = "fixed-version: only affects 6.18 onwards" @@ -21144,7 +21140,7 @@ CVE_STATUS[CVE-2026-23331] = "fixed-version: only affects 6.13 onwards" CVE_STATUS[CVE-2026-23332] = "fixed-version: only affects 6.16 onwards" -# CVE-2026-23333 has no known resolution +# CVE-2026-23333 needs backporting (fixed from 7.0rc1) CVE_STATUS[CVE-2026-23334] = "cpe-stable-backport: Backported in 6.12.77" @@ -21276,5 +21272,205 @@ CVE_STATUS[CVE-2026-23397] = "cpe-stable-backport: Backported in 6.12.78" CVE_STATUS[CVE-2026-23398] = "cpe-stable-backport: Backported in 6.12.78" -# CVE-2026-31788 has no known resolution +CVE_STATUS[CVE-2026-23399] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23400] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23401] = "cpe-stable-backport: Backported in 6.12.80" + +CVE_STATUS[CVE-2026-23402] = "fixed-version: only affects 6.16 onwards" + +CVE_STATUS[CVE-2026-23403] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23404] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23405] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23406] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23407] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23408] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23409] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23410] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23411] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23412] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23413] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23414] = "cpe-stable-backport: Backported in 6.12.80" + +CVE_STATUS[CVE-2026-23415] = "fixed-version: only affects 6.16 onwards" + +CVE_STATUS[CVE-2026-23416] = "fixed-version: only affects 6.17 onwards" + +CVE_STATUS[CVE-2026-23417] = "cpe-stable-backport: Backported in 6.12.80" + +CVE_STATUS[CVE-2026-23418] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-23419] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23420] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23421] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23422] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23423] = "fixed-version: only affects 6.13 onwards" + +CVE_STATUS[CVE-2026-23424] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-23425] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-23426] = "cpe-stable-backport: Backported in 6.12.77" + +CVE_STATUS[CVE-2026-23427] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23428] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23429] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23430] = "fixed-version: only affects 6.16 onwards" + +CVE_STATUS[CVE-2026-23431] = "fixed-version: only affects 6.17 onwards" + +CVE_STATUS[CVE-2026-23432] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23433] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23434] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23435] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23436] = "fixed-version: only affects 6.13 onwards" + +CVE_STATUS[CVE-2026-23437] = "fixed-version: only affects 6.13 onwards" + +CVE_STATUS[CVE-2026-23438] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23439] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23440] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23441] = "cpe-stable-backport: Backported in 6.12.78" + +# CVE-2026-23442 needs backporting (fixed from 7.0rc5) + +CVE_STATUS[CVE-2026-23443] = "cpe-stable-backport: Backported in 6.12.78" + +# CVE-2026-23444 needs backporting (fixed from 7.0rc5) + +CVE_STATUS[CVE-2026-23445] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23446] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23447] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23448] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23449] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23450] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23451] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23452] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23453] = "fixed-version: only affects 6.19 onwards" + +CVE_STATUS[CVE-2026-23454] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23455] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23456] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23457] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23458] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23459] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-23460] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23461] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23462] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23463] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23464] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23465] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23466] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23467] = "fixed-version: only affects 6.16 onwards" + +# CVE-2026-23468 needs backporting (fixed from 7.0rc5) + +# CVE-2026-23469 needs backporting (fixed from 7.0rc5) + +CVE_STATUS[CVE-2026-23470] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23471] = "cpe-stable-backport: Backported in 6.12.78" + +# CVE-2026-23472 needs backporting (fixed from 7.0rc5) + +# CVE-2026-23473 needs backporting (fixed from 7.0rc5) + +CVE_STATUS[CVE-2026-23474] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-23475] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31389] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31390] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-31391] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31392] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31393] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31394] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31395] = "fixed-version: only affects 6.13 onwards" + +CVE_STATUS[CVE-2026-31396] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31397] = "fixed-version: only affects 6.16 onwards" + +CVE_STATUS[CVE-2026-31398] = "fixed-version: only affects 6.15 onwards" + +CVE_STATUS[CVE-2026-31399] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31400] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31401] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31402] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31403] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31404] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-31405] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31406] = "cpe-stable-backport: Backported in 6.12.80" + +# CVE-2026-31407 needs backporting (fixed from 7.0rc5) + +CVE_STATUS[CVE-2026-31408] = "cpe-stable-backport: Backported in 6.12.80" + +CVE_STATUS[CVE-2026-31409] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31410] = "cpe-stable-backport: Backported in 6.12.78" + +CVE_STATUS[CVE-2026-31411] = "cpe-stable-backport: Backported in 6.12.75" + +CVE_STATUS[CVE-2026-31788] = "cpe-stable-backport: Backported in 6.12.78"

[openembedded-core,whinlatter,14/18] linux-yocto/6.12: update CVE exclusions (6.12.80)

Commit Message

Patch