[openembedded-core,whinlatter,02/18] linux-yocto/6.12: update CVE exclusions (6.12.72)

Message ID	20260423154509.1933646-3-bruce.ashfield@gmail.com
State	New
Headers	show Return-Path: <bruce.ashfield@gmail.com> ip: 209.85.160.180, mailfrom: bruce.ashfield@gmail.com) From: bruce.ashfield@gmail.com To: yoann.congal@smile.fr Cc: openembedded-core@lists.openembedded.org Subject: [openembedded-core][whinlatter][PATCH 02/18] linux-yocto/6.12: update CVE exclusions (6.12.72) Date: Thu, 23 Apr 2026 11:44:53 -0400 Message-ID: <20260423154509.1933646-3-bruce.ashfield@gmail.com> In-Reply-To: <20260423154509.1933646-1-bruce.ashfield@gmail.com> References: <20260423154509.1933646-1-bruce.ashfield@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	linux-yocto: stable updates to 6.12 \| expand [whinlatter,0/18] linux-yocto: stable updates to 6.12 [openembedded-core,whinlatter,01/18] linux-yocto/6.12: update to v6.12.72 [openembedded-core,whinlatter,02/18] linux-yocto/6.12: update CVE exclusions (6.12.72) [openembedded-core,whinlatter,03/18] linux-yocto/6.12: update to v6.12.73 [openembedded-core,whinlatter,04/18] linux-yocto/6.12: update CVE exclusions (6.12.73) [openembedded-core,whinlatter,05/18] linux-yocto/6.12: update to v6.12.74 [openembedded-core,whinlatter,06/18] linux-yocto/6.12: update CVE exclusions (6.12.74) [openembedded-core,whinlatter,07/18] linux-yocto/6.12: update to v6.12.76 [openembedded-core,whinlatter,08/18] linux-yocto/6.12: update CVE exclusions (6.12.76) [openembedded-core,whinlatter,09/18] linux-yocto/6.12: update to v6.12.77 [openembedded-core,whinlatter,10/18] linux-yocto/6.12: update CVE exclusions (6.12.77) [openembedded-core,whinlatter,11/18] linux-yocto/6.12: update to v6.12.79 [openembedded-core,whinlatter,12/18] linux-yocto/6.12: update CVE exclusions (6.12.79) [openembedded-core,whinlatter,13/18] linux-yocto/6.12: update to v6.12.80 [openembedded-core,whinlatter,14/18] linux-yocto/6.12: update CVE exclusions (6.12.80) [openembedded-core,whinlatter,15/18] linux-yocto/6.12: update to v6.12.81 [openembedded-core,whinlatter,16/18] linux-yocto/6.12: update CVE exclusions (6.12.81) [openembedded-core,whinlatter,17/18] linux-yocto/6.12: update to v6.12.83 [openembedded-core,whinlatter,18/18] linux-yocto/6.12: update CVE exclusions (6.12.83)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc index 64477c364e..089446fe87 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc @@ -1,11 +1,11 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2026-02-10 02:33:33.917945+00:00 for kernel version 6.12.69 -# From linux_kernel_cves cve_2026-02-10_0100Z +# Generated at 2026-02-16 17:20:15.768713+00:00 for kernel version 6.12.72 +# From linux_kernel_cves cve_2026-02-16_1600Z-3-gf0e5d9ffdc0 python check_kernel_cve_status_version() { - this_version = "6.12.69" + this_version = "6.12.72" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -18980,7 +18980,7 @@ CVE_STATUS[CVE-2025-40080] = "cpe-stable-backport: Backported in 6.12.53" CVE_STATUS[CVE-2025-40081] = "cpe-stable-backport: Backported in 6.12.53" -CVE_STATUS[CVE-2025-40082] = "fixed-version: only affects 6.17 onwards" +CVE_STATUS[CVE-2025-40082] = "cpe-stable-backport: Backported in 6.12.70" CVE_STATUS[CVE-2025-40083] = "cpe-stable-backport: Backported in 6.12.57" @@ -20066,8 +20066,6 @@ CVE_STATUS[CVE-2025-68787] = "cpe-stable-backport: Backported in 6.12.64" CVE_STATUS[CVE-2025-68788] = "cpe-stable-backport: Backported in 6.12.64" -CVE_STATUS[CVE-2025-68789] = "cpe-stable-backport: Backported in 6.12.64" - CVE_STATUS[CVE-2025-68790] = "fixed-version: only affects 6.18 onwards" CVE_STATUS[CVE-2025-68791] = "fixed-version: only affects 6.14 onwards" @@ -20134,7 +20132,7 @@ CVE_STATUS[CVE-2025-68821] = "cpe-stable-backport: Backported in 6.12.64" CVE_STATUS[CVE-2025-68822] = "cpe-stable-backport: Backported in 6.12.64" -# CVE-2025-68823 needs backporting (fixed from 6.19) +CVE_STATUS[CVE-2025-68823] = "cpe-stable-backport: Backported in 6.12.70" CVE_STATUS[CVE-2025-71064] = "cpe-stable-backport: Backported in 6.12.64" @@ -20376,6 +20374,26 @@ CVE_STATUS[CVE-2025-71198] = "cpe-stable-backport: Backported in 6.12.68" CVE_STATUS[CVE-2025-71199] = "cpe-stable-backport: Backported in 6.12.68" +CVE_STATUS[CVE-2025-71200] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2025-71201] = "fixed-version: only affects 6.14 onwards" + +# CVE-2025-71202 needs backporting (fixed from 6.19) + +CVE_STATUS[CVE-2025-71203] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2025-71204] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2025-71220] = "cpe-stable-backport: Backported in 6.12.70" + +# CVE-2025-71221 needs backporting (fixed from 6.19) + +CVE_STATUS[CVE-2025-71222] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2025-71223] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2025-71224] = "cpe-stable-backport: Backported in 6.12.70" + CVE_STATUS[CVE-2026-22976] = "cpe-stable-backport: Backported in 6.12.66" CVE_STATUS[CVE-2026-22977] = "cpe-stable-backport: Backported in 6.12.66" @@ -20646,3 +20664,203 @@ CVE_STATUS[CVE-2026-23109] = "fixed-version: only affects 6.16 onwards" CVE_STATUS[CVE-2026-23110] = "cpe-stable-backport: Backported in 6.12.68" +CVE_STATUS[CVE-2026-23111] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23112] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23113] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23114] = "fixed-version: only affects 6.16 onwards" + +CVE_STATUS[CVE-2026-23115] = "fixed-version: only affects 6.15 onwards" + +CVE_STATUS[CVE-2026-23116] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23117] = "fixed-version: only affects 6.18.2 onwards" + +CVE_STATUS[CVE-2026-23118] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23119] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23120] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23121] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23122] = "fixed-version: only affects 6.16 onwards" + +CVE_STATUS[CVE-2026-23123] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23124] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23125] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23126] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23127] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23128] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23129] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23130] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-23131] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23132] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23133] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23134] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23135] = "cpe-stable-backport: Backported in 6.12.68" + +CVE_STATUS[CVE-2026-23136] = "cpe-stable-backport: Backported in 6.12.66" + +# CVE-2026-23137 needs backporting (fixed from 6.19) + +# CVE-2026-23138 needs backporting (fixed from 6.19) + +CVE_STATUS[CVE-2026-23139] = "cpe-stable-backport: Backported in 6.12.66" + +CVE_STATUS[CVE-2026-23140] = "cpe-stable-backport: Backported in 6.12.66" + +CVE_STATUS[CVE-2026-23141] = "cpe-stable-backport: Backported in 6.12.67" + +CVE_STATUS[CVE-2026-23142] = "cpe-stable-backport: Backported in 6.12.67" + +CVE_STATUS[CVE-2026-23143] = "fixed-version: only affects 6.15 onwards" + +CVE_STATUS[CVE-2026-23144] = "cpe-stable-backport: Backported in 6.12.67" + +CVE_STATUS[CVE-2026-23145] = "cpe-stable-backport: Backported in 6.12.67" + +CVE_STATUS[CVE-2026-23146] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23147] = "fixed-version: only affects 6.15 onwards" + +CVE_STATUS[CVE-2026-23148] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23149] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23150] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23151] = "cpe-stable-backport: Backported in 6.12.69" + +# CVE-2026-23152 needs backporting (fixed from 6.19) + +CVE_STATUS[CVE-2026-23153] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23154] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23155] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23156] = "cpe-stable-backport: Backported in 6.12.69" + +# CVE-2026-23157 needs backporting (fixed from 6.19) + +CVE_STATUS[CVE-2026-23158] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23159] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23160] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23161] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23162] = "fixed-version: only affects 6.17 onwards" + +CVE_STATUS[CVE-2026-23163] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23164] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23165] = "fixed-version: only affects 6.17 onwards" + +CVE_STATUS[CVE-2026-23166] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23167] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23168] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23169] = "cpe-stable-backport: Backported in 6.12.72" + +CVE_STATUS[CVE-2026-23170] = "cpe-stable-backport: Backported in 6.12.69" + +# CVE-2026-23171 needs backporting (fixed from 6.19) + +CVE_STATUS[CVE-2026-23172] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23173] = "cpe-stable-backport: Backported in 6.12.69" + +CVE_STATUS[CVE-2026-23174] = "fixed-version: only affects 6.17 onwards" + +CVE_STATUS[CVE-2026-23175] = "fixed-version: only affects 6.17 onwards" + +CVE_STATUS[CVE-2026-23176] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23177] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23178] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23179] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23180] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23181] = "fixed-version: only affects 6.15 onwards" + +CVE_STATUS[CVE-2026-23182] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23183] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-23184] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23185] = "fixed-version: only affects 6.17 onwards" + +CVE_STATUS[CVE-2026-23186] = "fixed-version: only affects 6.15 onwards" + +CVE_STATUS[CVE-2026-23187] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23188] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23189] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23190] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23191] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23192] = "fixed-version: only affects 6.15 onwards" + +CVE_STATUS[CVE-2026-23193] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23194] = "fixed-version: only affects 6.18 onwards" + +CVE_STATUS[CVE-2026-23195] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-23196] = "fixed-version: only affects 6.14 onwards" + +CVE_STATUS[CVE-2026-23197] = "fixed-version: only affects 6.13 onwards" + +CVE_STATUS[CVE-2026-23198] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23199] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23200] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23201] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23202] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23203] = "fixed-version: only affects 6.17 onwards" + +CVE_STATUS[CVE-2026-23204] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23205] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23206] = "cpe-stable-backport: Backported in 6.12.70" + +CVE_STATUS[CVE-2026-23207] = "fixed-version: only affects 6.18.2 onwards" + +# CVE-2026-23208 needs backporting (fixed from 6.19) + +CVE_STATUS[CVE-2026-23209] = "cpe-stable-backport: Backported in 6.12.70" + +# CVE-2026-23210 needs backporting (fixed from 6.19) +

[openembedded-core,whinlatter,02/18] linux-yocto/6.12: update CVE exclusions (6.12.72)

Commit Message

Patch