From: bruce.ashfield@gmail.com
To: richard.purdie@linuxfoundation.org
Cc: openembedded-core@lists.openembedded.org
Subject: [meta][PATCH 06/09] linux-yocto/6.18: update CVE exclusions (6.18.7)
Date: Fri, 6 Feb 2026 15:27:24 -0500 [thread overview]
Message-ID: <20260206202732.1080699-7-bruce.ashfield@gmail.com> (raw)
In-Reply-To: <20260206202732.1080699-1-bruce.ashfield@gmail.com>
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Data pulled from: https://github.com/CVEProject/cvelistV5
1/1 [
Author: cvelistV5 Github Action
Email: github_action@example.com
Subject: 10 changes (10 new | 0 updated): - 10 new CVEs: CVE-2025-11065, CVE-2025-11687, CVE-2025-14459, CVE-2025-14525, CVE-2025-14969, CVE-2025-9520, CVE-2025-9521, CVE-2025-9522, CVE-2026-0810, CVE-2026-1190 - 0 updated CVEs:
Date: Mon, 26 Jan 2026 19:39:25 +0000
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
.../linux/cve-exclusion_6.18.inc | 118 +++++++++++++++++-
1 file changed, 114 insertions(+), 4 deletions(-)
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
index 38f260d231..a29732706e 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
@@ -1,11 +1,11 @@
# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2026-01-22 14:32:14.186712+00:00 for kernel version 6.18.6
-# From linux_kernel_cves cve_2026-01-22_1400Z
+# Generated at 2026-01-26 19:48:18.296749+00:00 for kernel version 6.18.7
+# From linux_kernel_cves cve_2026-01-26_1900Z-2-g425a25ddf37
python check_kernel_cve_status_version() {
- this_version = "6.18.6"
+ this_version = "6.18.7"
kernel_version = d.getVar("LINUX_VERSION")
if kernel_version != this_version:
bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -20158,7 +20158,7 @@ CVE_STATUS[CVE-2025-71072] = "cpe-stable-backport: Backported in 6.18.3"
CVE_STATUS[CVE-2025-71073] = "cpe-stable-backport: Backported in 6.18.3"
-CVE_STATUS[CVE-2025-71074] = "cpe-stable-backport: Backported in 6.18.3"
+# CVE-2025-71074 needs backporting (fixed from 6.19rc1)
CVE_STATUS[CVE-2025-71075] = "cpe-stable-backport: Backported in 6.18.3"
@@ -20300,7 +20300,117 @@ CVE_STATUS[CVE-2025-71143] = "cpe-stable-backport: Backported in 6.18.4"
CVE_STATUS[CVE-2025-71144] = "cpe-stable-backport: Backported in 6.18.5"
+# CVE-2025-71145 has no known resolution
+
+CVE_STATUS[CVE-2025-71146] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71147] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71148] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71149] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71150] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71151] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71152] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71153] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71154] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71155] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71156] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71157] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71158] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2025-71159] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2025-71160] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2025-71161] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2025-71162] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2025-71163] = "cpe-stable-backport: Backported in 6.18.7"
+
CVE_STATUS[CVE-2026-22976] = "cpe-stable-backport: Backported in 6.18.6"
CVE_STATUS[CVE-2026-22977] = "cpe-stable-backport: Backported in 6.18.6"
+CVE_STATUS[CVE-2026-22978] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22979] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22980] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22981] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22982] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22983] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22984] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22985] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22986] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22987] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22988] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22989] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22990] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22991] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22992] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22993] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22994] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22995] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22996] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-22997] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-22998] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-22999] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23000] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23001] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23002] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23003] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23004] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23005] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23006] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23007] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23008] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23009] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23010] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23011] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23012] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23013] = "cpe-stable-backport: Backported in 6.18.7"
+
--
2.43.0
next prev parent reply other threads:[~2026-02-06 20:27 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-06 20:27 [PATCH 0/13] kernel-yocto: 6.18 updates and 6.12/6.16 removal bruce.ashfield
2026-02-06 20:27 ` [meta][PATCH 01/09] linux-yocto/6.12: update to v6.12.67 bruce.ashfield
2026-02-06 20:46 ` Patchtest results for " patchtest
2026-02-06 20:27 ` [meta][PATCH 02/09] linux-yocto/6.12: update CVE exclusions (6.12.67) bruce.ashfield
2026-02-06 20:27 ` [meta][PATCH 05/09] linux-yocto/6.18: update to v6.18.7 bruce.ashfield
2026-02-06 20:46 ` Patchtest results for " patchtest
2026-02-06 20:27 ` bruce.ashfield [this message]
2026-02-06 20:27 ` [meta][PATCH 07/09] linux-yocto/6.18: beaglebone black: boot and graphics fixes bruce.ashfield
2026-02-06 20:27 ` [meta][PATCH 08/09] linux-yocto/6.18: update to v6.18.8 bruce.ashfield
2026-02-06 20:27 ` [meta][PATCH 09/09] linux-yocto/6.18: update CVE exclusions (6.18.8) bruce.ashfield
2026-02-06 20:27 ` [meta-yocto-bsp][PATCH 01/04] yocto-bsp: Bump the default kernel to v6.18 for beaglebone bruce.ashfield
2026-02-06 20:46 ` Patchtest results for " patchtest
2026-02-06 20:27 ` [meta-yocto-bsp][PATCH 02/04] meta-yocto-bsp: drop 6.12 bbappend bruce.ashfield
2026-02-06 20:46 ` Patchtest results for " patchtest
2026-02-06 20:27 ` [meta-yocto-bsp][PATCH 03/04] meta-yocto-bsp: drop 6.16 bbappend bruce.ashfield
2026-02-06 20:46 ` Patchtest results for " patchtest
2026-02-06 20:27 ` [meta-yocto-bsp][PATCH 04/04] yocto-bsp: linux-yocto/6.18: update to v6.18.8 bruce.ashfield
2026-02-06 20:46 ` Patchtest results for " patchtest
2026-02-10 10:09 ` [OE-core] [PATCH 0/13] kernel-yocto: 6.18 updates and 6.12/6.16 removal Mathieu Dubois-Briand
2026-02-10 13:19 ` Richard Purdie
2026-02-10 13:42 ` Bruce Ashfield
2026-02-10 14:08 ` Mathieu Dubois-Briand
2026-02-10 14:18 ` Bruce Ashfield
2026-02-10 15:20 ` Mathieu Dubois-Briand
2026-02-10 14:15 ` Bruce Ashfield
2026-02-10 15:10 ` Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260206202732.1080699-7-bruce.ashfield@gmail.com \
--to=bruce.ashfield@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=richard.purdie@linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox