From 72124e6aeaa0ee566f8c9578926a72fba7ea3962 Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Fri, 14 Jul 2023 15:53:18 +0100 Subject: [PATCH] linux-yocto_6.1: ignore backported CVEs These CVEs have all been fixed in 6.1 point releases. Signed-off-by: Ross Burton Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie --- .../recipes-kernel/linux/cve-exclusion_6.1.inc | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 49b4159b347..6a0bd19447c 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -542,6 +542,12 @@ CVE_CHECK_IGNORE += "CVE-2023-2235" # Fixed in 6.1.16 CVE_CHECK_IGNORE += "CVE-2023-2985" +# Backported to 6.1.30 +CVE_CHECK_IGNORE += "CVE-2023-3090" + +# Backported to 6.1.35 +CVE_CHECK_IGNORE += "CVE-2023-3117" + # Backported to 6.1.30 as 9a342d4 CVE_CHECK_IGNORE += "CVE-2023-3141" @@ -560,6 +566,18 @@ CVE_CHECK_IGNORE += "CVE-2023-3220" # Backported to 6.1.28 CVE_CHECK_IGNORE += "CVE-2023-3268" +# Backported to 6.1.9 +CVE_CHECK_IGNORE += "CVE-2023-3358" + +# Backported to 6.1.11 +CVE_CHECK_IGNORE += "CVE-2023-3359" + +# Backported to 6.1.36 +CVE_CHECK_IGNORE += "CVE-2023-3389" + +# Backported to 6.1.35 +CVE_CHECK_IGNORE += "CVE-2023-3390" + # https://nvd.nist.gov/vuln/detail/CVE-2023-23005 # Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b # Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee -- 2.47.3