From: Bruce Ashfield <bruce.ashfield@gmail.com>
Date: Thu, 18 Dec 2025 20:22:30 +0000 (-0500)
Subject: linux-yocto/6.12: update CVE exclusions (6.12.62)
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9aa4f99b55ccfac0cce41b53abe6c9dde8e0ca75;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git

linux-yocto/6.12: update CVE exclusions (6.12.62)

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 8 changes (0 new | 8 updated): - 0 new CVEs: - 8 updated CVEs: CVE-2024-41260, CVE-2025-13281, CVE-2025-14606, CVE-2025-14620, CVE-2025-14621, CVE-2025-67898, CVE-2025-67899, CVE-2025-7195
        Date: Mon, 15 Dec 2025 16:32:47 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index d272b74737..4839a53cd9 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-12-09 15:18:04.005747+00:00 for kernel version 6.12.61
-# From linux_kernel_cves cve_2025-12-09_1500Z
+# Generated at 2025-12-15 16:44:27.465288+00:00 for kernel version 6.12.62
+# From linux_kernel_cves cve_2025-12-15_1600Z-2-gd297626114b
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.12.61"
+    this_version = "6.12.62"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -18266,7 +18266,7 @@ CVE_STATUS[CVE-2025-40213] = "fixed-version: only affects 6.17 onwards"
 
 CVE_STATUS[CVE-2025-40214] = "cpe-stable-backport: Backported in 6.12.59"
 
-# CVE-2025-40215 needs backporting (fixed from 6.16)
+CVE_STATUS[CVE-2025-40215] = "cpe-stable-backport: Backported in 6.12.62"
 
 CVE_STATUS[CVE-2025-40216] = "cpe-stable-backport: Backported in 6.12.36"
 
@@ -18526,5 +18526,7 @@ CVE_STATUS[CVE-2025-40343] = "cpe-stable-backport: Backported in 6.12.58"
 
 CVE_STATUS[CVE-2025-40344] = "cpe-stable-backport: Backported in 6.12.58"
 
+CVE_STATUS[CVE-2025-40345] = "cpe-stable-backport: Backported in 6.12.61"
+
 CVE_STATUS[CVE-2025-40364] = "cpe-stable-backport: Backported in 6.12.14"