From: Ross Burton <ross.burton@arm.com>
Date: Mon, 12 Jun 2023 13:10:30 +0000 (+0100)
Subject: cve-extra-exclusions: add more ignores for 2023 kernel CVEs
X-Git-Tag: lucaceresoli/bug-15201-perf-libtraceevent-missing~688
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=86aee302673146dca10f313d0c70b69d6c4bdc7d;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

cve-extra-exclusions: add more ignores for 2023 kernel CVEs

All of these CVEs have been fixed in the kernel point release that we
currently ship, so ignore them.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index ff5d381523c..41d751a7aed 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -591,6 +591,10 @@ CVE_CHECK_IGNORE += "CVE-2023-1990"
 # Fixed in 6.1.16
 CVE_CHECK_IGNORE += "CVE-2023-1998"
 
+# https://www.linuxkernelcves.com/cves/CVE-2023-2002
+# Fixed in 6.1.27
+CVE_CHECK_IGNORE += "CVE-2023-2002"
+
 # https://www.linuxkernelcves.com/cves/CVE-2023-2156
 # Fixed in 6.1.26
 CVE_CHECK_IGNORE += "CVE-2023-2156"
@@ -598,3 +602,51 @@ CVE_CHECK_IGNORE += "CVE-2023-2156"
 # https://www.linuxkernelcves.com/cves/CVE-2023-2162
 # Fixed in 6.1.11
 CVE_CHECK_IGNORE += "CVE-2023-2162"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-2194
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-2194"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-2235
+# Fixed with 6.1.21
+CVE_CHECK_IGNORE += "CVE-2023-2235"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-28328
+# Fixed with 6.1.2
+CVE_CHECK_IGNORE += "CVE-2023-28328"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-2985
+# Fixed in 6.1.16
+CVE_CHECK_IGNORE += "CVE-2023-2985"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-28866
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-28866"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-30456
+# Fixed with 6.1.21
+CVE_CHECK_IGNORE += "CVE-2023-30456"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-30772
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-30772"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-31436
+# Fixed with 6.1.26
+CVE_CHECK_IGNORE += "CVE-2023-31436"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-32233
+# Fixed with 6.1.28
+CVE_CHECK_IGNORE += "CVE-2023-32233"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-33203
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-33203"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-33288
+# Fixed with 6.1.22
+CVE_CHECK_IGNORE += "CVE-2023-33288"
+
+# https://www.linuxkernelcves.com/cves/CVE-2023-34256
+# Fixed in 6.1.29
+CVE_CHECK_IGNORE += "CVE-2023-34256"