[openembedded-core][whinlatter][PATCH 02/18] linux-yocto/6.12: update CVE exclusions (6.12.72)

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: bruce.ashfield@gmail.com
To: yoann.congal@smile.fr
Cc: openembedded-core@lists.openembedded.org
Subject: [openembedded-core][whinlatter][PATCH 02/18] linux-yocto/6.12: update CVE exclusions (6.12.72)
Date: Thu, 23 Apr 2026 11:44:53 -0400	[thread overview]
Message-ID: <20260423154509.1933646-3-bruce.ashfield@gmail.com> (raw)
In-Reply-To: <20260423154509.1933646-1-bruce.ashfield@gmail.com>

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 1 changes (0 new | 1 updated): - 0 new CVEs: - 1 updated CVEs: CVE-2025-7195
        Date: Mon, 16 Feb 2026 17:05:40 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.12.inc              | 232 +++++++++++++++++-
 1 file changed, 225 insertions(+), 7 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index 64477c364e..089446fe87 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2026-02-10 02:33:33.917945+00:00 for kernel version 6.12.69
-# From linux_kernel_cves cve_2026-02-10_0100Z
+# Generated at 2026-02-16 17:20:15.768713+00:00 for kernel version 6.12.72
+# From linux_kernel_cves cve_2026-02-16_1600Z-3-gf0e5d9ffdc0
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.12.69"
+    this_version = "6.12.72"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -18980,7 +18980,7 @@ CVE_STATUS[CVE-2025-40080] = "cpe-stable-backport: Backported in 6.12.53"
 
 CVE_STATUS[CVE-2025-40081] = "cpe-stable-backport: Backported in 6.12.53"
 
-CVE_STATUS[CVE-2025-40082] = "fixed-version: only affects 6.17 onwards"
+CVE_STATUS[CVE-2025-40082] = "cpe-stable-backport: Backported in 6.12.70"
 
 CVE_STATUS[CVE-2025-40083] = "cpe-stable-backport: Backported in 6.12.57"
 
@@ -20066,8 +20066,6 @@ CVE_STATUS[CVE-2025-68787] = "cpe-stable-backport: Backported in 6.12.64"
 
 CVE_STATUS[CVE-2025-68788] = "cpe-stable-backport: Backported in 6.12.64"
 
-CVE_STATUS[CVE-2025-68789] = "cpe-stable-backport: Backported in 6.12.64"
-
 CVE_STATUS[CVE-2025-68790] = "fixed-version: only affects 6.18 onwards"
 
 CVE_STATUS[CVE-2025-68791] = "fixed-version: only affects 6.14 onwards"
@@ -20134,7 +20132,7 @@ CVE_STATUS[CVE-2025-68821] = "cpe-stable-backport: Backported in 6.12.64"
 
 CVE_STATUS[CVE-2025-68822] = "cpe-stable-backport: Backported in 6.12.64"
 
-# CVE-2025-68823 needs backporting (fixed from 6.19)
+CVE_STATUS[CVE-2025-68823] = "cpe-stable-backport: Backported in 6.12.70"
 
 CVE_STATUS[CVE-2025-71064] = "cpe-stable-backport: Backported in 6.12.64"
 
@@ -20376,6 +20374,26 @@ CVE_STATUS[CVE-2025-71198] = "cpe-stable-backport: Backported in 6.12.68"
 
 CVE_STATUS[CVE-2025-71199] = "cpe-stable-backport: Backported in 6.12.68"
 
+CVE_STATUS[CVE-2025-71200] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2025-71201] = "fixed-version: only affects 6.14 onwards"
+
+# CVE-2025-71202 needs backporting (fixed from 6.19)
+
+CVE_STATUS[CVE-2025-71203] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2025-71204] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2025-71220] = "cpe-stable-backport: Backported in 6.12.70"
+
+# CVE-2025-71221 needs backporting (fixed from 6.19)
+
+CVE_STATUS[CVE-2025-71222] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2025-71223] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2025-71224] = "cpe-stable-backport: Backported in 6.12.70"
+
 CVE_STATUS[CVE-2026-22976] = "cpe-stable-backport: Backported in 6.12.66"
 
 CVE_STATUS[CVE-2026-22977] = "cpe-stable-backport: Backported in 6.12.66"
@@ -20646,3 +20664,203 @@ CVE_STATUS[CVE-2026-23109] = "fixed-version: only affects 6.16 onwards"
 
 CVE_STATUS[CVE-2026-23110] = "cpe-stable-backport: Backported in 6.12.68"
 
+CVE_STATUS[CVE-2026-23111] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23112] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23113] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23114] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2026-23115] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2026-23116] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23117] = "fixed-version: only affects 6.18.2 onwards"
+
+CVE_STATUS[CVE-2026-23118] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23119] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23120] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23121] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23122] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2026-23123] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23124] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23125] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23126] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23127] = "fixed-version: only affects 6.18 onwards"
+
+CVE_STATUS[CVE-2026-23128] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23129] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23130] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2026-23131] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23132] = "fixed-version: only affects 6.18 onwards"
+
+CVE_STATUS[CVE-2026-23133] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23134] = "fixed-version: only affects 6.18 onwards"
+
+CVE_STATUS[CVE-2026-23135] = "cpe-stable-backport: Backported in 6.12.68"
+
+CVE_STATUS[CVE-2026-23136] = "cpe-stable-backport: Backported in 6.12.66"
+
+# CVE-2026-23137 needs backporting (fixed from 6.19)
+
+# CVE-2026-23138 needs backporting (fixed from 6.19)
+
+CVE_STATUS[CVE-2026-23139] = "cpe-stable-backport: Backported in 6.12.66"
+
+CVE_STATUS[CVE-2026-23140] = "cpe-stable-backport: Backported in 6.12.66"
+
+CVE_STATUS[CVE-2026-23141] = "cpe-stable-backport: Backported in 6.12.67"
+
+CVE_STATUS[CVE-2026-23142] = "cpe-stable-backport: Backported in 6.12.67"
+
+CVE_STATUS[CVE-2026-23143] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2026-23144] = "cpe-stable-backport: Backported in 6.12.67"
+
+CVE_STATUS[CVE-2026-23145] = "cpe-stable-backport: Backported in 6.12.67"
+
+CVE_STATUS[CVE-2026-23146] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23147] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2026-23148] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23149] = "fixed-version: only affects 6.18 onwards"
+
+CVE_STATUS[CVE-2026-23150] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23151] = "cpe-stable-backport: Backported in 6.12.69"
+
+# CVE-2026-23152 needs backporting (fixed from 6.19)
+
+CVE_STATUS[CVE-2026-23153] = "fixed-version: only affects 6.18 onwards"
+
+CVE_STATUS[CVE-2026-23154] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23155] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23156] = "cpe-stable-backport: Backported in 6.12.69"
+
+# CVE-2026-23157 needs backporting (fixed from 6.19)
+
+CVE_STATUS[CVE-2026-23158] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23159] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23160] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23161] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23162] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2026-23163] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23164] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23165] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2026-23166] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23167] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23168] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23169] = "cpe-stable-backport: Backported in 6.12.72"
+
+CVE_STATUS[CVE-2026-23170] = "cpe-stable-backport: Backported in 6.12.69"
+
+# CVE-2026-23171 needs backporting (fixed from 6.19)
+
+CVE_STATUS[CVE-2026-23172] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23173] = "cpe-stable-backport: Backported in 6.12.69"
+
+CVE_STATUS[CVE-2026-23174] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2026-23175] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2026-23176] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23177] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23178] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23179] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23180] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23181] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2026-23182] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23183] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2026-23184] = "fixed-version: only affects 6.18 onwards"
+
+CVE_STATUS[CVE-2026-23185] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2026-23186] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2026-23187] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23188] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23189] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23190] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23191] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23192] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2026-23193] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23194] = "fixed-version: only affects 6.18 onwards"
+
+CVE_STATUS[CVE-2026-23195] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2026-23196] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2026-23197] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2026-23198] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23199] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23200] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23201] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23202] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23203] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2026-23204] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23205] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23206] = "cpe-stable-backport: Backported in 6.12.70"
+
+CVE_STATUS[CVE-2026-23207] = "fixed-version: only affects 6.18.2 onwards"
+
+# CVE-2026-23208 needs backporting (fixed from 6.19)
+
+CVE_STATUS[CVE-2026-23209] = "cpe-stable-backport: Backported in 6.12.70"
+
+# CVE-2026-23210 needs backporting (fixed from 6.19)
+
-- 
2.43.0

next prev parent reply	other threads:[~2026-04-23 15:45 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-23 15:44 [whinlatter][PATCH 0/18] linux-yocto: stable updates to 6.12 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 01/18] linux-yocto/6.12: update to v6.12.72 bruce.ashfield
2026-04-23 15:44 ` bruce.ashfield [this message]
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 03/18] linux-yocto/6.12: update to v6.12.73 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 04/18] linux-yocto/6.12: update CVE exclusions (6.12.73) bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 05/18] linux-yocto/6.12: update to v6.12.74 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 06/18] linux-yocto/6.12: update CVE exclusions (6.12.74) bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 07/18] linux-yocto/6.12: update to v6.12.76 bruce.ashfield
2026-04-23 15:44 ` [openembedded-core][whinlatter][PATCH 08/18] linux-yocto/6.12: update CVE exclusions (6.12.76) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 09/18] linux-yocto/6.12: update to v6.12.77 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 10/18] linux-yocto/6.12: update CVE exclusions (6.12.77) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 11/18] linux-yocto/6.12: update to v6.12.79 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 12/18] linux-yocto/6.12: update CVE exclusions (6.12.79) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 13/18] linux-yocto/6.12: update to v6.12.80 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 14/18] linux-yocto/6.12: update CVE exclusions (6.12.80) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 15/18] linux-yocto/6.12: update to v6.12.81 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 16/18] linux-yocto/6.12: update CVE exclusions (6.12.81) bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 17/18] linux-yocto/6.12: update to v6.12.83 bruce.ashfield
2026-04-23 15:45 ` [openembedded-core][whinlatter][PATCH 18/18] linux-yocto/6.12: update CVE exclusions (6.12.83) bruce.ashfield
2026-04-24 15:00 ` [whinlatter][PATCH 0/18] linux-yocto: stable updates to 6.12 Yoann Congal

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:64477c364 dfblob:089446fe8 )
 OR (
bs:"[openembedded-core][whinlatter][PATCH 02/18] linux-yocto/6.12: update CVE exclusions (6.12.72)" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260423154509.1933646-3-bruce.ashfield@gmail.com \
    --to=bruce.ashfield@gmail.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=yoann.congal@smile.fr \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox