From: Daniel Turull <daniel.turull@ericsson.com>
Date: Sat, 26 Apr 2025 16:19:29 +0000 (+0200)
Subject: cve-exclusions: correct cve status for 5 entries
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cf239892614c0b00feacef6b6e38283832239ad6;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

cve-exclusions: correct cve status for 5 entries

In commit 8a7af09feb the CVE_STATUS was copy from the old data
for 6.6 kernel, which had backport information.
Correcting status to when the fix was introduced and adding
references to the fixes.

Fixes: 8a7af09febc28477094de0999ab6321d910811b2
Reported-by: Peter Marko <Peter.Marko@siemens.com>
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fc3e32bc4cf79ddce0eb9fa409656de4dc0e00ea)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---

diff --git a/meta/recipes-kernel/linux/cve-exclusion.inc b/meta/recipes-kernel/linux/cve-exclusion.inc
index 5f96a81bdd..f1b7db44b6 100644
--- a/meta/recipes-kernel/linux/cve-exclusion.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion.inc
@@ -141,12 +141,17 @@ CVE_STATUS[CVE-2023-4155] = "fixed-version: Fixed from version 6.5rc6"
 
 CVE_STATUS[CVE-2023-6176] = "fixed-version: Fixed from version 6.6rc2"
 
-CVE_STATUS[CVE-2023-6270] = "cpe-stable-backport: Backported in 6.6.23"
+# Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f98364e926626c678fb4b9004b75cacf92ff0662
+CVE_STATUS[CVE-2023-6270] = "fixed-version: Fixed from 6.9"
 
-CVE_STATUS[CVE-2023-6610] = "cpe-stable-backport: Backported in 6.6.13"
+# Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=567320c46a60a3c39b69aa1df802d753817a3f86
+CVE_STATUS[CVE-2023-6610] = "fixed-version: Fixed from 6.7rc7"
 
-CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=65c95f78917ea6fa7ff189a2c19879c4fe161873
+CVE_STATUS[CVE-2023-6679] = "fixed-version: Fixed from 6.7rc6"
 
-CVE_STATUS[CVE-2023-7042] = "cpe-stable-backport: Backported in 6.6.23"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ad25ee36f00172f7d53242dc77c69fff7ced0755
+CVE_STATUS[CVE-2023-7042] = "fixed-version: Fixed from 6.9rc1"
 
-CVE_STATUS[CVE-2024-0193] = "cpe-stable-backport: Backported in 6.6.10"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a
+CVE_STATUS[CVE-2024-0193] = "fixed-version: Fixed from 6.7"