From 6cc4b2e6ded0a717a060a9101baf9b8bdf6dc3e0 Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Wed, 13 Aug 2025 16:49:16 -0400 Subject: [PATCH] linux-yocto/6.12: update CVE exclusions (6.12.39) Data pulled from: https://github.com/CVEProject/cvelistV5 1/1 [ Author: cvelistV5 Github Action Email: github_action@example.com Subject: 4 changes (1 new | 3 updated): - 1 new CVEs: CVE-2025-46002 - 3 updated CVEs: CVE-2025-5752, CVE-2025-6717, CVE-2025-7397 Date: Fri, 18 Jul 2025 14:11:28 +0000 ] Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie (cherry picked from commit a58b2c6f20ad6257036e144bee2eec1375e1a799) Signed-off-by: Steve Sakoman --- meta/recipes-kernel/linux/cve-exclusion_6.12.inc | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc index 924e3b90ca..b408071a67 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc @@ -1,12 +1,12 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2025-07-15 14:54:42.649263+00:00 for kernel version 6.12.38 -# From linux_kernel_cves cve_2025-07-15_1400Z-4-gc77733e1fe6 +# Generated at 2025-07-18 14:17:49.367230+00:00 for kernel version 6.12.39 +# From linux_kernel_cves cve_2025-07-18_1400Z python check_kernel_cve_status_version() { - this_version = "6.12.38" + this_version = "6.12.39" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -4133,7 +4133,7 @@ CVE_STATUS[CVE-2022-49962] = "fixed-version: Fixed from version 6.0" CVE_STATUS[CVE-2022-49963] = "fixed-version: Fixed from version 6.0" -CVE_STATUS[CVE-2022-49964] = "fixed-version: Fixed from version 6.0" +CVE_STATUS[CVE-2022-49964] = "fixed-version: Fixed from version 5.19.7" CVE_STATUS[CVE-2022-49965] = "fixed-version: Fixed from version 6.0" @@ -5583,8 +5583,6 @@ CVE_STATUS[CVE-2023-52999] = "fixed-version: Fixed from version 6.2" CVE_STATUS[CVE-2023-53000] = "fixed-version: Fixed from version 6.2" -CVE_STATUS[CVE-2023-53001] = "fixed-version: Fixed from version 6.2" - CVE_STATUS[CVE-2023-53002] = "fixed-version: Fixed from version 6.2" CVE_STATUS[CVE-2023-53003] = "fixed-version: Fixed from version 6.2" @@ -13673,7 +13671,7 @@ CVE_STATUS[CVE-2025-38065] = "cpe-stable-backport: Backported in 6.12.31" CVE_STATUS[CVE-2025-38066] = "cpe-stable-backport: Backported in 6.12.31" -# CVE-2025-38067 needs backporting (fixed from 6.15) +CVE_STATUS[CVE-2025-38067] = "cpe-stable-backport: Backported in 6.12.39" CVE_STATUS[CVE-2025-38068] = "cpe-stable-backport: Backported in 6.12.31" @@ -13747,7 +13745,7 @@ CVE_STATUS[CVE-2025-38102] = "cpe-stable-backport: Backported in 6.12.34" CVE_STATUS[CVE-2025-38103] = "cpe-stable-backport: Backported in 6.12.34" -# CVE-2025-38104 needs backporting (fixed from 6.15) +CVE_STATUS[CVE-2025-38104] = "cpe-stable-backport: Backported in 6.12.39" # CVE-2025-38105 needs backporting (fixed from 6.16rc1) @@ -14237,6 +14235,8 @@ CVE_STATUS[CVE-2025-38347] = "cpe-stable-backport: Backported in 6.12.35" CVE_STATUS[CVE-2025-38348] = "cpe-stable-backport: Backported in 6.12.35" +CVE_STATUS[CVE-2025-38349] = "cpe-stable-backport: Backported in 6.12.39" + CVE_STATUS[CVE-2025-38479] = "cpe-stable-backport: Backported in 6.12.23" CVE_STATUS[CVE-2025-38575] = "cpe-stable-backport: Backported in 6.12.23" -- 2.47.3