[openembedded-core][whinlatter][PATCH 16/18] linux-yocto/6.12: update CVE exclusions (6.12.81)

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: bruce.ashfield@gmail.com
To: yoann.congal@smile.fr
Cc: openembedded-core@lists.openembedded.org
Subject: [openembedded-core][whinlatter][PATCH 16/18] linux-yocto/6.12: update CVE exclusions (6.12.81)
Date: Thu, 23 Apr 2026 11:45:07 -0400	[thread overview]
Message-ID: <20260423154509.1933646-17-bruce.ashfield@gmail.com> (raw)
In-Reply-To: <20260423154509.1933646-1-bruce.ashfield@gmail.com>

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 4 changes (4 new | 0 updated): - 4 new CVEs: CVE-2026-24893, CVE-2026-25125, CVE-2026-25133, CVE-2026-27287 - 0 updated CVEs:
        Date: Tue, 14 Apr 2026 20:56:01 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.12.inc              | 98 ++++++++++++-------
 1 file changed, 64 insertions(+), 34 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index e4e81ee492..2ae4f461e5 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2026-04-08 14:59:27.074934+00:00 for kernel version 6.12.80
-# From linux_kernel_cves cve_2026-04-08_1400Z
+# Generated at 2026-04-14 21:08:51.681656+00:00 for kernel version 6.12.81
+# From linux_kernel_cves cve_2026-04-14_2000Z-1-g4a280a922d3
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.12.80"
+    this_version = "6.12.81"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -18450,7 +18450,7 @@ CVE_STATUS[CVE-2025-39814] = "fixed-version: only affects 6.16 onwards"
 
 CVE_STATUS[CVE-2025-39815] = "cpe-stable-backport: Backported in 6.12.45"
 
-CVE_STATUS[CVE-2025-39816] = "cpe-stable-backport: Backported in 6.12.49"
+CVE_STATUS[CVE-2025-39816] = "cpe-stable-backport: Backported in 6.12.81"
 
 CVE_STATUS[CVE-2025-39817] = "cpe-stable-backport: Backported in 6.12.45"
 
@@ -20424,7 +20424,7 @@ CVE_STATUS[CVE-2025-71267] = "cpe-stable-backport: Backported in 6.12.75"
 
 CVE_STATUS[CVE-2025-71268] = "cpe-stable-backport: Backported in 6.12.70"
 
-# CVE-2025-71269 needs backporting (fixed from 6.19)
+CVE_STATUS[CVE-2025-71269] = "cpe-stable-backport: Backported in 6.12.81"
 
 CVE_STATUS[CVE-2025-71270] = "cpe-stable-backport: Backported in 6.12.70"
 
@@ -20970,7 +20970,7 @@ CVE_STATUS[CVE-2026-23245] = "cpe-stable-backport: Backported in 6.12.78"
 
 CVE_STATUS[CVE-2026-23246] = "cpe-stable-backport: Backported in 6.12.77"
 
-# CVE-2026-23247 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23247 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23248] = "fixed-version: only affects 6.14 onwards"
 
@@ -21006,7 +21006,7 @@ CVE_STATUS[CVE-2026-23263] = "fixed-version: only affects 6.17 onwards"
 
 CVE_STATUS[CVE-2026-23264] = "cpe-stable-backport: Backported in 6.12.70"
 
-# CVE-2026-23265 needs backporting (fixed from 7.0rc1)
+# CVE-2026-23265 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23266] = "cpe-stable-backport: Backported in 6.12.74"
 
@@ -21020,7 +21020,7 @@ CVE_STATUS[CVE-2026-23270] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23271] = "cpe-stable-backport: Backported in 6.12.77"
 
-# CVE-2026-23272 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23272 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23273] = "cpe-stable-backport: Backported in 6.12.75"
 
@@ -21052,7 +21052,7 @@ CVE_STATUS[CVE-2026-23286] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23287] = "cpe-stable-backport: Backported in 6.12.77"
 
-CVE_STATUS[CVE-2026-23288] = "fixed-version: only affects 6.19 onwards"
+CVE_STATUS[CVE-2026-23288] = "fixed-version: only affects 6.19.4 onwards"
 
 CVE_STATUS[CVE-2026-23289] = "cpe-stable-backport: Backported in 6.12.77"
 
@@ -21080,7 +21080,7 @@ CVE_STATUS[CVE-2026-23300] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23301] = "fixed-version: only affects 6.19 onwards"
 
-# CVE-2026-23302 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23302 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23303] = "cpe-stable-backport: Backported in 6.12.77"
 
@@ -21128,20 +21128,18 @@ CVE_STATUS[CVE-2026-23325] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23326] = "fixed-version: only affects 6.13 onwards"
 
-# CVE-2026-23327 needs backporting (fixed from 7.0rc2)
+# CVE-2026-23327 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23328] = "fixed-version: only affects 6.14 onwards"
 
 CVE_STATUS[CVE-2026-23329] = "fixed-version: only affects 6.18 onwards"
 
-# CVE-2026-23330 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23330 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23331] = "fixed-version: only affects 6.13 onwards"
 
 CVE_STATUS[CVE-2026-23332] = "fixed-version: only affects 6.16 onwards"
 
-# CVE-2026-23333 needs backporting (fixed from 7.0rc1)
-
 CVE_STATUS[CVE-2026-23334] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23335] = "cpe-stable-backport: Backported in 6.12.77"
@@ -21156,7 +21154,7 @@ CVE_STATUS[CVE-2026-23339] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23340] = "cpe-stable-backport: Backported in 6.12.77"
 
-CVE_STATUS[CVE-2026-23341] = "fixed-version: only affects 6.19 onwards"
+CVE_STATUS[CVE-2026-23341] = "fixed-version: only affects 6.19.4 onwards"
 
 CVE_STATUS[CVE-2026-23342] = "fixed-version: only affects 6.18 onwards"
 
@@ -21166,11 +21164,11 @@ CVE_STATUS[CVE-2026-23344] = "fixed-version: only affects 6.19 onwards"
 
 CVE_STATUS[CVE-2026-23345] = "fixed-version: only affects 6.13 onwards"
 
-# CVE-2026-23346 needs backporting (fixed from 7.0rc2)
+# CVE-2026-23346 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23347] = "cpe-stable-backport: Backported in 6.12.77"
 
-# CVE-2026-23348 needs backporting (fixed from 7.0rc2)
+# CVE-2026-23348 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23349] = "fixed-version: only affects 6.18 onwards"
 
@@ -21184,7 +21182,7 @@ CVE_STATUS[CVE-2026-23353] = "fixed-version: only affects 6.19 onwards"
 
 CVE_STATUS[CVE-2026-23354] = "cpe-stable-backport: Backported in 6.12.77"
 
-CVE_STATUS[CVE-2026-23355] = "fixed-version: only affects 6.18 onwards"
+CVE_STATUS[CVE-2026-23355] = "fixed-version: only affects 6.18.14 onwards"
 
 CVE_STATUS[CVE-2026-23356] = "cpe-stable-backport: Backported in 6.12.77"
 
@@ -21216,19 +21214,19 @@ CVE_STATUS[CVE-2026-23369] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23370] = "cpe-stable-backport: Backported in 6.12.77"
 
-# CVE-2026-23371 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23371 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23372] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23373] = "cpe-stable-backport: Backported in 6.12.77"
 
-# CVE-2026-23374 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23374 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23375] = "cpe-stable-backport: Backported in 6.12.78"
 
 CVE_STATUS[CVE-2026-23376] = "fixed-version: only affects 6.18 onwards"
 
-# CVE-2026-23377 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23377 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23378] = "cpe-stable-backport: Backported in 6.12.77"
 
@@ -21244,7 +21242,7 @@ CVE_STATUS[CVE-2026-23383] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23384] = "fixed-version: only affects 6.18 onwards"
 
-# CVE-2026-23385 needs backporting (fixed from 7.0rc3)
+# CVE-2026-23385 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23386] = "cpe-stable-backport: Backported in 6.12.78"
 
@@ -21252,7 +21250,7 @@ CVE_STATUS[CVE-2026-23387] = "cpe-stable-backport: Backported in 6.12.77"
 
 CVE_STATUS[CVE-2026-23388] = "cpe-stable-backport: Backported in 6.12.77"
 
-# CVE-2026-23389 needs backporting (fixed from 7.0rc3)
+CVE_STATUS[CVE-2026-23389] = "cpe-stable-backport: Backported in 6.12.81"
 
 CVE_STATUS[CVE-2026-23390] = "cpe-stable-backport: Backported in 6.12.74"
 
@@ -21262,7 +21260,7 @@ CVE_STATUS[CVE-2026-23392] = "cpe-stable-backport: Backported in 6.12.78"
 
 CVE_STATUS[CVE-2026-23393] = "cpe-stable-backport: Backported in 6.12.78"
 
-# CVE-2026-23394 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23394 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23395] = "cpe-stable-backport: Backported in 6.12.78"
 
@@ -21358,11 +21356,11 @@ CVE_STATUS[CVE-2026-23440] = "cpe-stable-backport: Backported in 6.12.78"
 
 CVE_STATUS[CVE-2026-23441] = "cpe-stable-backport: Backported in 6.12.78"
 
-# CVE-2026-23442 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23442 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23443] = "cpe-stable-backport: Backported in 6.12.78"
 
-# CVE-2026-23444 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23444 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23445] = "cpe-stable-backport: Backported in 6.12.78"
 
@@ -21376,7 +21374,7 @@ CVE_STATUS[CVE-2026-23449] = "cpe-stable-backport: Backported in 6.12.78"
 
 CVE_STATUS[CVE-2026-23450] = "cpe-stable-backport: Backported in 6.12.78"
 
-CVE_STATUS[CVE-2026-23451] = "fixed-version: only affects 6.18 onwards"
+CVE_STATUS[CVE-2026-23451] = "fixed-version: only affects 6.18.19 onwards"
 
 CVE_STATUS[CVE-2026-23452] = "cpe-stable-backport: Backported in 6.12.78"
 
@@ -21410,17 +21408,15 @@ CVE_STATUS[CVE-2026-23466] = "cpe-stable-backport: Backported in 6.12.78"
 
 CVE_STATUS[CVE-2026-23467] = "fixed-version: only affects 6.16 onwards"
 
-# CVE-2026-23468 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23468 needs backporting (fixed from 7.0)
 
-# CVE-2026-23469 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23469 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23470] = "cpe-stable-backport: Backported in 6.12.78"
 
-CVE_STATUS[CVE-2026-23471] = "cpe-stable-backport: Backported in 6.12.78"
-
-# CVE-2026-23472 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23472 needs backporting (fixed from 7.0)
 
-# CVE-2026-23473 needs backporting (fixed from 7.0rc5)
+# CVE-2026-23473 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-23474] = "cpe-stable-backport: Backported in 6.12.78"
 
@@ -21462,7 +21458,7 @@ CVE_STATUS[CVE-2026-31405] = "cpe-stable-backport: Backported in 6.12.78"
 
 CVE_STATUS[CVE-2026-31406] = "cpe-stable-backport: Backported in 6.12.80"
 
-# CVE-2026-31407 needs backporting (fixed from 7.0rc5)
+# CVE-2026-31407 needs backporting (fixed from 7.0)
 
 CVE_STATUS[CVE-2026-31408] = "cpe-stable-backport: Backported in 6.12.80"
 
@@ -21472,5 +21468,39 @@ CVE_STATUS[CVE-2026-31410] = "cpe-stable-backport: Backported in 6.12.78"
 
 CVE_STATUS[CVE-2026-31411] = "cpe-stable-backport: Backported in 6.12.75"
 
+CVE_STATUS[CVE-2026-31412] = "cpe-stable-backport: Backported in 6.12.78"
+
+CVE_STATUS[CVE-2026-31413] = "cpe-stable-backport: Backported in 6.12.80"
+
+CVE_STATUS[CVE-2026-31414] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31415] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31416] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31417] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31418] = "cpe-stable-backport: Backported in 6.12.81"
+
+# CVE-2026-31419 needs backporting (fixed from 7.0)
+
+# CVE-2026-31420 needs backporting (fixed from 7.0)
+
+CVE_STATUS[CVE-2026-31421] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31422] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31423] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31424] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31425] = "cpe-stable-backport: Backported in 6.12.81"
+
+CVE_STATUS[CVE-2026-31426] = "cpe-stable-backport: Backported in 6.12.80"
+
+CVE_STATUS[CVE-2026-31427] = "cpe-stable-backport: Backported in 6.12.80"
+
+CVE_STATUS[CVE-2026-31428] = "cpe-stable-backport: Backported in 6.12.80"
+
 CVE_STATUS[CVE-2026-31788] = "cpe-stable-backport: Backported in 6.12.78"
 
-- 
2.43.0

next prev parent reply	other threads:[~2026-04-23 15:45 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-23 15:44 [whinlatter][PATCH 0/18] linux-yocto: stable updates to 6.12 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 01/18] linux-yocto/6.12: update to v6.12.72 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 02/18] linux-yocto/6.12: update CVE exclusions (6.12.72) bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 03/18] linux-yocto/6.12: update to v6.12.73 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 04/18] linux-yocto/6.12: update CVE exclusions (6.12.73) bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 05/18] linux-yocto/6.12: update to v6.12.74 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 06/18] linux-yocto/6.12: update CVE exclusions (6.12.74) bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 07/18] linux-yocto/6.12: update to v6.12.76 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 08/18] linux-yocto/6.12: update CVE exclusions (6.12.76) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 09/18] linux-yocto/6.12: update to v6.12.77 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 10/18] linux-yocto/6.12: update CVE exclusions (6.12.77) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 11/18] linux-yocto/6.12: update to v6.12.79 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 12/18] linux-yocto/6.12: update CVE exclusions (6.12.79) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 13/18] linux-yocto/6.12: update to v6.12.80 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 14/18] linux-yocto/6.12: update CVE exclusions (6.12.80) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 15/18] linux-yocto/6.12: update to v6.12.81 bruce.ashfield
2026-04-23 15:45 ` bruce.ashfield [this message]
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 17/18] linux-yocto/6.12: update to v6.12.83 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 18/18] linux-yocto/6.12: update CVE exclusions (6.12.83) bruce.ashfield
2026-04-24 15:00 ` [whinlatter][PATCH 0/18] linux-yocto: stable updates to 6.12 Yoann Congal

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:e4e81ee49 dfblob:2ae4f461e )
 OR (
bs:"[openembedded-core][whinlatter][PATCH 16/18] linux-yocto/6.12: update CVE exclusions (6.12.81)" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260423154509.1933646-17-bruce.ashfield@gmail.com \
    --to=bruce.ashfield@gmail.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=yoann.congal@smile.fr \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox