diff mbox series

[4/4] linux-yocto/6.12: update CVE exclusions (6.12.42)

Message ID 729c4b743be634e18e1e346ce60ab3be69fa8fe0.1755784780.git.bruce.ashfield@gmail.com
State New
Headers show
Series [1/4] linux-yocto: introduce 6.16 reference kernels | expand

Commit Message

Bruce Ashfield Aug. 21, 2025, 2:03 p.m. UTC 
From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 2 changes (2 new | 0 updated): - 2 new CVEs: CVE-2025-47184, CVE-2025-9300 - 0 updated CVEs:
        Date: Thu, 21 Aug 2025 13:06:23 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.12.inc              | 264 +++++++++++++++++-
 1 file changed, 254 insertions(+), 10 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index a110f89af1..cc26368560 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,11 +1,11 @@ 
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-08-08 02:45:44.343204+00:00 for kernel version 6.12.41
-# From linux_kernel_cves cve_2025-08-08_0100Z-2-g05f2a09f419
+# Generated at 2025-08-21 13:18:00.380174+00:00 for kernel version 6.12.42
+# From linux_kernel_cves cve_2025-08-21_1200Z-2-g608fd2b01c2
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.12.41"
+    this_version = "6.12.42"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4262,8 +4262,6 @@  CVE_STATUS[CVE-2022-50029] = "fixed-version: Fixed from version 6.0"
 
 CVE_STATUS[CVE-2022-50030] = "fixed-version: Fixed from version 6.0"
 
-CVE_STATUS[CVE-2022-50031] = "fixed-version: Fixed from version 6.0"
-
 CVE_STATUS[CVE-2022-50032] = "fixed-version: Fixed from version 6.0"
 
 CVE_STATUS[CVE-2022-50033] = "fixed-version: Fixed from version 6.0"
@@ -4364,8 +4362,6 @@  CVE_STATUS[CVE-2022-50080] = "fixed-version: Fixed from version 6.0"
 
 CVE_STATUS[CVE-2022-50082] = "fixed-version: Fixed from version 6.0"
 
-CVE_STATUS[CVE-2022-50083] = "fixed-version: Fixed from version 6.0"
-
 CVE_STATUS[CVE-2022-50084] = "fixed-version: Fixed from version 6.0"
 
 CVE_STATUS[CVE-2022-50085] = "fixed-version: Fixed from version 6.0"
@@ -4656,12 +4652,28 @@  CVE_STATUS[CVE-2022-50231] = "fixed-version: Fixed from version 6.0"
 
 # CVE-2022-50232 has no known resolution
 
+CVE_STATUS[CVE-2022-50233] = "fixed-version: Fixed from version 6.0"
+
+CVE_STATUS[CVE-2023-32246] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-32249] = "fixed-version: Fixed from version 6.4"
+
 # CVE-2023-34319 has no known resolution
 
 # CVE-2023-34324 has no known resolution
 
+CVE_STATUS[CVE-2023-3865] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-3866] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-3867] = "fixed-version: Fixed from version 6.5"
+
 # CVE-2023-46838 has no known resolution
 
+CVE_STATUS[CVE-2023-4130] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-4515] = "fixed-version: Fixed from version 6.5"
+
 CVE_STATUS[CVE-2023-52433] = "fixed-version: Fixed from version 6.6"
 
 CVE_STATUS[CVE-2023-52434] = "fixed-version: Fixed from version 6.7"
@@ -11986,6 +11998,8 @@  CVE_STATUS[CVE-2024-58100] = "cpe-stable-backport: Backported in 6.12.25"
 
 CVE_STATUS[CVE-2024-58237] = "cpe-stable-backport: Backported in 6.12.9"
 
+CVE_STATUS[CVE-2024-58238] = "fixed-version: Fixed from version 6.9"
+
 CVE_STATUS[CVE-2025-21629] = "cpe-stable-backport: Backported in 6.12.9"
 
 CVE_STATUS[CVE-2025-21631] = "cpe-stable-backport: Backported in 6.12.10"
@@ -12478,7 +12492,7 @@  CVE_STATUS[CVE-2025-21882] = "fixed-version: only affects 6.13 onwards"
 
 CVE_STATUS[CVE-2025-21883] = "cpe-stable-backport: Backported in 6.12.18"
 
-# CVE-2025-21884 needs backporting (fixed from 6.14)
+# CVE-2025-21884 may need backporting (fixed from 6.12.43)
 
 CVE_STATUS[CVE-2025-21885] = "cpe-stable-backport: Backported in 6.12.18"
 
@@ -13960,8 +13974,6 @@  CVE_STATUS[CVE-2025-38211] = "cpe-stable-backport: Backported in 6.12.35"
 
 CVE_STATUS[CVE-2025-38212] = "cpe-stable-backport: Backported in 6.12.35"
 
-CVE_STATUS[CVE-2025-38213] = "cpe-stable-backport: Backported in 6.12.35"
-
 CVE_STATUS[CVE-2025-38214] = "cpe-stable-backport: Backported in 6.12.35"
 
 CVE_STATUS[CVE-2025-38215] = "cpe-stable-backport: Backported in 6.12.35"
@@ -14532,8 +14544,240 @@  CVE_STATUS[CVE-2025-38497] = "cpe-stable-backport: Backported in 6.12.40"
 
 CVE_STATUS[CVE-2025-38498] = "cpe-stable-backport: Backported in 6.12.34"
 
+CVE_STATUS[CVE-2025-38499] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38500] = "cpe-stable-backport: Backported in 6.12.41"
+
+CVE_STATUS[CVE-2025-38501] = "cpe-stable-backport: Backported in 6.12.42"
+
+# CVE-2025-38502 needs backporting (fixed from 6.17rc1)
+
+CVE_STATUS[CVE-2025-38503] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38504] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38505] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38506] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38507] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38508] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38509] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-38510] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38511] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38512] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38513] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38514] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38515] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38516] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38517] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38518] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38519] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38520] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38521] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38522] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38523] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38524] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38525] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38526] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38527] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38528] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38529] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38530] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38531] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38532] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38533] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38534] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38535] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38536] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38537] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38538] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38539] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38540] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38541] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38542] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38543] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38544] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38545] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38546] = "cpe-stable-backport: Backported in 6.12.39"
+
+CVE_STATUS[CVE-2025-38547] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38548] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38549] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38550] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38551] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38552] = "cpe-stable-backport: Backported in 6.12.40"
+
+CVE_STATUS[CVE-2025-38553] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38554] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38555] = "cpe-stable-backport: Backported in 6.12.42"
+
+# CVE-2025-38556 needs backporting (fixed from 6.17rc1)
+
+CVE_STATUS[CVE-2025-38557] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38558] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-38559] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38560] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38561] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38562] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38563] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38564] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38565] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38566] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38567] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38568] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38569] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38570] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38571] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38572] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38573] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38574] = "cpe-stable-backport: Backported in 6.12.42"
+
 CVE_STATUS[CVE-2025-38575] = "cpe-stable-backport: Backported in 6.12.23"
 
+CVE_STATUS[CVE-2025-38576] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38577] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38578] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38579] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38580] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38581] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38582] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38583] = "cpe-stable-backport: Backported in 6.12.42"
+
+# CVE-2025-38584 needs backporting (fixed from 6.17rc1)
+
+CVE_STATUS[CVE-2025-38585] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38586] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38587] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38588] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38589] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-38590] = "cpe-stable-backport: Backported in 6.12.42"
+
+# CVE-2025-38591 needs backporting (fixed from 6.17rc1)
+
+CVE_STATUS[CVE-2025-38592] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38593] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38594] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2025-38595] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38596] = "fixed-version: only affects 6.16 onwards"
+
+# CVE-2025-38597 needs backporting (fixed from 6.17rc1)
+
+CVE_STATUS[CVE-2025-38598] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2025-38599] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38600] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2025-38601] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38602] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38603] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2025-38604] = "cpe-stable-backport: Backported in 6.12.42"
+
+# CVE-2025-38605 needs backporting (fixed from 6.17rc1)
+
+CVE_STATUS[CVE-2025-38606] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38607] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38608] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38609] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38610] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38611] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38612] = "cpe-stable-backport: Backported in 6.12.42"
+
+CVE_STATUS[CVE-2025-38613] = "fixed-version: only affects 6.13 onwards"
+
+# CVE-2025-38614 may need backporting (fixed from 6.12.43)
+
+CVE_STATUS[CVE-2025-38615] = "cpe-stable-backport: Backported in 6.12.42"
+
 CVE_STATUS[CVE-2025-38637] = "cpe-stable-backport: Backported in 6.12.23"
 
 CVE_STATUS[CVE-2025-39688] = "cpe-stable-backport: Backported in 6.12.23"