[meta][PATCH 06/15] linux-yocto/6.18: update CVE exclusions (6.18.22)

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: bruce.ashfield@gmail.com
To: richard.purdie@linuxfoundation.org
Cc: openembedded-core@lists.openembedded.org
Subject: [meta][PATCH 06/15] linux-yocto/6.18: update CVE exclusions (6.18.22)
Date: Thu, 23 Apr 2026 11:32:13 -0400	[thread overview]
Message-ID: <20260423153222.1932256-7-bruce.ashfield@gmail.com> (raw)
In-Reply-To: <20260423153222.1932256-1-bruce.ashfield@gmail.com>

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 4 changes (4 new | 0 updated): - 4 new CVEs: CVE-2026-33714, CVE-2026-33715, CVE-2026-34160, CVE-2026-34161 - 0 updated CVEs:
        Date: Tue, 14 Apr 2026 21:14:51 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.18.inc              | 68 +++++++++++++------
 1 file changed, 49 insertions(+), 19 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
index 03f89ed9eb..2429851ff8 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2026-04-08 14:33:17.297345+00:00 for kernel version 6.18.21
-# From linux_kernel_cves cve_2026-04-08_1300Z-1-g105fda2ec51
+# Generated at 2026-04-14 21:26:55.774766+00:00 for kernel version 6.18.22
+# From linux_kernel_cves cve_2026-04-14_2000Z-2-gad6d9150d01
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.18.21"
+    this_version = "6.18.22"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -21052,7 +21052,7 @@ CVE_STATUS[CVE-2026-23286] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23287] = "cpe-stable-backport: Backported in 6.18.17"
 
-CVE_STATUS[CVE-2026-23288] = "fixed-version: only affects 6.19 onwards"
+CVE_STATUS[CVE-2026-23288] = "fixed-version: only affects 6.19.4 onwards"
 
 CVE_STATUS[CVE-2026-23289] = "cpe-stable-backport: Backported in 6.18.17"
 
@@ -21128,9 +21128,9 @@ CVE_STATUS[CVE-2026-23325] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23326] = "cpe-stable-backport: Backported in 6.18.17"
 
-# CVE-2026-23327 needs backporting (fixed from 7.0rc2)
+# CVE-2026-23327 needs backporting (fixed from 7.0)
 
-# CVE-2026-23328 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23328 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23329] = "cpe-stable-backport: Backported in 6.18.17"
 
@@ -21140,8 +21140,6 @@ CVE_STATUS[CVE-2026-23331] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23332] = "cpe-stable-backport: Backported in 6.18.17"
 
-# CVE-2026-23333 needs backporting (fixed from 7.0rc1)
-
 CVE_STATUS[CVE-2026-23334] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23335] = "cpe-stable-backport: Backported in 6.18.17"
@@ -21156,7 +21154,7 @@ CVE_STATUS[CVE-2026-23339] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23340] = "cpe-stable-backport: Backported in 6.18.17"
 
-CVE_STATUS[CVE-2026-23341] = "fixed-version: only affects 6.19 onwards"
+CVE_STATUS[CVE-2026-23341] = "fixed-version: only affects 6.19.4 onwards"
 
 CVE_STATUS[CVE-2026-23342] = "cpe-stable-backport: Backported in 6.18.17"
 
@@ -21216,19 +21214,19 @@ CVE_STATUS[CVE-2026-23369] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23370] = "cpe-stable-backport: Backported in 6.18.17"
 
-# CVE-2026-23371 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23371 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23372] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23373] = "cpe-stable-backport: Backported in 6.18.17"
 
-# CVE-2026-23374 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23374 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23375] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23376] = "cpe-stable-backport: Backported in 6.18.17"
 
-# CVE-2026-23377 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23377 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23378] = "cpe-stable-backport: Backported in 6.18.17"
 
@@ -21252,7 +21250,7 @@ CVE_STATUS[CVE-2026-23387] = "cpe-stable-backport: Backported in 6.18.17"
 
 CVE_STATUS[CVE-2026-23388] = "cpe-stable-backport: Backported in 6.18.17"
 
-# CVE-2026-23389 needs backporting (fixed from 7.0rc3)
+CVE_STATUS[CVE-2026-23389] = "cpe-stable-backport: Backported in 6.18.22"
 
 CVE_STATUS[CVE-2026-23390] = "cpe-stable-backport: Backported in 6.18.13"
 
@@ -21262,7 +21260,7 @@ CVE_STATUS[CVE-2026-23392] = "cpe-stable-backport: Backported in 6.18.20"
 
 CVE_STATUS[CVE-2026-23393] = "cpe-stable-backport: Backported in 6.18.20"
 
-# CVE-2026-23394 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23394 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23395] = "cpe-stable-backport: Backported in 6.18.20"
 
@@ -21358,7 +21356,7 @@ CVE_STATUS[CVE-2026-23440] = "cpe-stable-backport: Backported in 6.18.20"
 
 CVE_STATUS[CVE-2026-23441] = "cpe-stable-backport: Backported in 6.18.20"
 
-# CVE-2026-23442 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23442 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23443] = "cpe-stable-backport: Backported in 6.18.20"
 
@@ -21392,7 +21390,7 @@ CVE_STATUS[CVE-2026-23457] = "cpe-stable-backport: Backported in 6.18.20"
 
 CVE_STATUS[CVE-2026-23458] = "cpe-stable-backport: Backported in 6.18.20"
 
-# CVE-2026-23459 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23459 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23460] = "cpe-stable-backport: Backported in 6.18.20"
 
@@ -21416,8 +21414,6 @@ CVE_STATUS[CVE-2026-23469] = "cpe-stable-backport: Backported in 6.18.20"
 
 CVE_STATUS[CVE-2026-23470] = "cpe-stable-backport: Backported in 6.18.20"
 
-CVE_STATUS[CVE-2026-23471] = "cpe-stable-backport: Backported in 6.18.20"
-
 CVE_STATUS[CVE-2026-23472] = "cpe-stable-backport: Backported in 6.18.20"
 
 CVE_STATUS[CVE-2026-23473] = "cpe-stable-backport: Backported in 6.18.20"
@@ -21462,7 +21458,7 @@ CVE_STATUS[CVE-2026-31405] = "cpe-stable-backport: Backported in 6.18.19"
 
 CVE_STATUS[CVE-2026-31406] = "cpe-stable-backport: Backported in 6.18.21"
 
-# CVE-2026-31407 needs backporting (fixed from 7.0rc5)
+# CVE-2026-31407 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-31408] = "cpe-stable-backport: Backported in 6.18.21"
 
@@ -21472,5 +21468,39 @@ CVE_STATUS[CVE-2026-31410] = "cpe-stable-backport: Backported in 6.18.20"
 
 CVE_STATUS[CVE-2026-31411] = "cpe-stable-backport: Backported in 6.18.14"
 
+CVE_STATUS[CVE-2026-31412] = "cpe-stable-backport: Backported in 6.18.19"
+
+CVE_STATUS[CVE-2026-31413] = "cpe-stable-backport: Backported in 6.18.21"
+
+CVE_STATUS[CVE-2026-31414] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31415] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31416] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31417] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31418] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31419] = "cpe-stable-backport: Backported in 6.18.22"
+
+# CVE-2026-31420 needs backporting (fixed from 7.0)
+
+CVE_STATUS[CVE-2026-31421] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31422] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31423] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31424] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31425] = "cpe-stable-backport: Backported in 6.18.22"
+
+CVE_STATUS[CVE-2026-31426] = "cpe-stable-backport: Backported in 6.18.21"
+
+CVE_STATUS[CVE-2026-31427] = "cpe-stable-backport: Backported in 6.18.21"
+
+CVE_STATUS[CVE-2026-31428] = "cpe-stable-backport: Backported in 6.18.21"
+
 CVE_STATUS[CVE-2026-31788] = "cpe-stable-backport: Backported in 6.18.20"
 
-- 
2.43.0

next prev parent reply	other threads:[~2026-04-23 15:32 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-23 15:32 [PATCH 0/15] linux-yocto: -stable updates bruce.ashfield
2026-04-23 15:32 ` [meta][PATCH 01/15] linux-yocto/6.18: update to v6.18.20 bruce.ashfield
2026-04-23 15:32 ` [meta][PATCH 02/15] linux-yocto/6.18: update CVE exclusions (6.18.20) bruce.ashfield
2026-04-23 15:32 ` [meta][PATCH 03/15] linux-yocto/6.18: update to v6.18.21 bruce.ashfield
2026-04-23 15:32 ` [meta][PATCH 04/15] linux-yocto/6.18: update CVE exclusions (6.18.21) bruce.ashfield
2026-04-23 15:32 ` [meta][PATCH 05/15] linux-yocto/6.18: update to v6.18.22 bruce.ashfield
2026-04-23 15:46   ` Patchtest results for " patchtest
2026-04-23 15:32 ` bruce.ashfield [this message]
2026-04-23 15:32 ` [meta][PATCH 07/15] linux-yocto/6.18: update to v6.18.23 bruce.ashfield
2026-04-23 15:32 ` [meta][PATCH 08/15] linux-yocto/6.18: update CVE exclusions (6.18.23) bruce.ashfield
2026-04-23 15:32 ` [meta][PATCH 09/15] linux-yocto/6.18: update to v6.18.24 bruce.ashfield
2026-04-23 15:32 ` [meta][PATCH 10/15] linux-yocto/6.18: update CVE exclusions (6.18.24) bruce.ashfield
2026-04-23 15:32 ` [meta-yocto-bsp][PATCH 11/15] yocto-bsps: update to v6.18.20 bruce.ashfield
2026-04-23 15:46   ` Patchtest results for " patchtest
2026-04-23 15:32 ` [meta-yocto-bsp][PATCH 12/15] yocto-bsps: update to v6.18.21 bruce.ashfield
2026-04-23 15:46   ` Patchtest results for " patchtest
2026-04-23 15:32 ` [meta-yocto-bsp][PATCH 13/15] yocto-bsps: update to v6.18.22 bruce.ashfield
2026-04-23 15:46   ` Patchtest results for " patchtest
2026-04-23 15:32 ` [meta-yocto-bsp][PATCH 14/15] yocto-bsps: update to v6.18.23 bruce.ashfield
2026-04-23 15:46   ` Patchtest results for " patchtest
2026-04-23 15:32 ` [meta-yocto-bsp][PATCH 15/15] yocto-bsps: update to v6.18.24 bruce.ashfield
2026-04-23 15:46   ` Patchtest results for " patchtest

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:03f89ed9e dfblob:2429851ff )
 OR (
bs:"[meta][PATCH 06/15] linux-yocto/6.18: update CVE exclusions (6.18.22)" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260423153222.1932256-7-bruce.ashfield@gmail.com \
    --to=bruce.ashfield@gmail.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=richard.purdie@linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox