From: Bruce Ashfield <bruce.ashfield@gmail.com>
Date: Fri, 5 Sep 2025 16:09:25 +0000 (-0400)
Subject: linux-yocto/6.16: update CVE exclusions (6.16.4)
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4f6616f1b2957e3bf906526acb45c95925193185;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

linux-yocto/6.16: update CVE exclusions (6.16.4)

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 6 changes (1 new | 5 updated): - 1 new CVEs: CVE-2025-36193 - 5 updated CVEs: CVE-2022-20358, CVE-2022-2460, CVE-2022-34661, CVE-2025-9839, CVE-2025-9840
        Date: Wed, 3 Sep 2025 19:07:24 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.16.inc b/meta/recipes-kernel/linux/cve-exclusion_6.16.inc
index a6e5de653f..f3fb0f9fb0 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.16.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.16.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-08-20 21:21:57.816408+00:00 for kernel version 6.16.2
-# From linux_kernel_cves cve_2025-08-20_2100Z
+# Generated at 2025-09-03 19:14:52.747326+00:00 for kernel version 6.16.4
+# From linux_kernel_cves cve_2025-09-03_1900Z
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.16.2"
+    this_version = "6.16.4"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -12000,6 +12000,10 @@ CVE_STATUS[CVE-2024-58237] = "fixed-version: Fixed from version 6.13"
 
 CVE_STATUS[CVE-2024-58238] = "fixed-version: Fixed from version 6.9"
 
+CVE_STATUS[CVE-2024-58239] = "fixed-version: Fixed from version 6.8"
+
+CVE_STATUS[CVE-2024-58240] = "fixed-version: Fixed from version 6.8"
+
 CVE_STATUS[CVE-2025-21629] = "fixed-version: Fixed from version 6.13"
 
 CVE_STATUS[CVE-2025-21631] = "fixed-version: Fixed from version 6.13"
@@ -13734,7 +13738,7 @@ CVE_STATUS[CVE-2025-38090] = "fixed-version: Fixed from version 6.16"
 
 CVE_STATUS[CVE-2025-38091] = "fixed-version: Fixed from version 6.15"
 
-CVE_STATUS[CVE-2025-38092] = "fixed-version: Fixed from version 6.15"
+CVE_STATUS[CVE-2025-38092] = "fixed-version: Fixed from version 6.14.10"
 
 CVE_STATUS[CVE-2025-38093] = "fixed-version: Fixed from version 6.16"
 
@@ -14778,8 +14782,132 @@ CVE_STATUS[CVE-2025-38614] = "cpe-stable-backport: Backported in 6.16.1"
 
 CVE_STATUS[CVE-2025-38615] = "cpe-stable-backport: Backported in 6.16.1"
 
+CVE_STATUS[CVE-2025-38616] = "cpe-stable-backport: Backported in 6.16.2"
+
+CVE_STATUS[CVE-2025-38617] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38618] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38619] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38620] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38621] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38622] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38623] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38624] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38625] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38626] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38627] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38628] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38629] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38630] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38631] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38632] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38633] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38634] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38635] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38636] = "cpe-stable-backport: Backported in 6.16.1"
+
 CVE_STATUS[CVE-2025-38637] = "fixed-version: Fixed from version 6.15"
 
+CVE_STATUS[CVE-2025-38638] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38639] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38640] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38641] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38642] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38643] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38644] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38645] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38646] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38647] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38648] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38649] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38650] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38651] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38652] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38653] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38654] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38655] = "cpe-stable-backport: Backported in 6.16.1"
+
+# CVE-2025-38656 has no known resolution
+
+CVE_STATUS[CVE-2025-38657] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38658] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38659] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38660] = "cpe-stable-backport: Backported in 6.16.1"
+
+CVE_STATUS[CVE-2025-38661] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38662] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38663] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38664] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38665] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38666] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38667] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38668] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38669] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38670] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38671] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38672] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38673] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38674] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38675] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-38676] = "cpe-stable-backport: Backported in 6.16.4"
+
+CVE_STATUS[CVE-2025-38677] = "cpe-stable-backport: Backported in 6.16.4"
+
+CVE_STATUS[CVE-2025-38678] = "cpe-stable-backport: Backported in 6.16.2"
+
 CVE_STATUS[CVE-2025-39688] = "fixed-version: Fixed from version 6.15"
 
 CVE_STATUS[CVE-2025-39728] = "fixed-version: Fixed from version 6.15"