[PATCH 0/21] linux-yocto: combined and consolidated pull request

[PATCH 0/21] linux-yocto: combined and consolidated pull request

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Hi all,

As discussed in the weekly engineering call, I'm sending this as
single series even though it crossed boundaries of the repositories.

I don't have access to meta-yocto-contrib yet, so I haven't pushed
the component parts to contrib branches yet, but will do that for
future pull requests.

I'm using this as a first run through some things I've cooked up
to coordinate the patches across the repos. The formatting is my
own, so apologies if it isn't clear .. and we'll see if it all 

Now to the series for OE-core:

 - We have stable updates to 6.12
 - A kern-tools fix
 - Updates to 6.17
 - Removal of 6.17
 - Introduction of 6.18
 - Bump to libc-headers to 6.18

I've built and booted what I can locally, and I know that the
major architectures work, and are functional with respect to
core features.

I have more libc-headers testing running against meta-oe and
muslc, so there may be some breakage there and I'll help deal
with that if it happens.

The update and then removal of 6.17 is on purpose. In case any
one was using it, they should get the latest tested before it
starts to be removed.

For meta-yocto:

  - removal of any remaining 6.17 references
  - introduction of 6.18

The meta-yocto default changes are obviously REALLY RFC/RFT
there will be issues, but I've provided them anyway to make it
clear that we are going to 6.18 as the new default for all the
variants.

Once we get 6.18 fully green and the h/w references udpated,
I'll remove 6.12 and 6.16 from master. That isn't in this series
by design.

Cheers,

Bruce

Aggregate summary of exported patches:

 - openembedded-core branch=master : 15 patches
 - meta-yocto branch=master : 6 patches

Changes:
  [01/15][openembedded-core] kern-tools: fix commit SHA reproducibility 
  [02/15][openembedded-core] linux-yocto/6.12: update to v6.12.61       
  [03/15][openembedded-core] linux-yocto/6.12: update CVE exclusions    
  [04/15][openembedded-core] linux-yocto/6.12: update to v6.12.62       
  [05/15][openembedded-core] linux-yocto/6.12: update CVE exclusions    
  [06/15][openembedded-core] linux-yocto/6.16: rust kernel configs      
  [07/15][openembedded-core] linux-yocto/6.17: update to v6.17.11       
  [08/15][openembedded-core] linux-yocto/6.17: update CVE exclusions    
  [09/15][openembedded-core] linux-yocto/6.17: rust kernel configs      
  [10/15][openembedded-core] linux-yocto/6.17: drop recipes             
  [11/15][openembedded-core] linux-yocto/6.18: introduce reference      
  [12/15][openembedded-core] linux-libc-headers: update to 6.18         
  [13/15][openembedded-core] linux-yocto/6.18: rust kernel configs      
  [14/15][openembedded-core] linux-yocto/6.18: update to v6.18.1        
  [15/15][openembedded-core] linux-yocto/6.18: update CVE exclusions    
  [01/06][meta-yocto] yocto-bsp: introduce 6.18 h/w reference           
  [02/06][meta-yocto] yocto-bsp/6.17: drop bbappend                     
  [03/06][meta-yocto] poky-tiny: make 6.18 preferred kernel version     
  [04/06][meta-yocto] poky: make 6.18 preferred kernel version          
  [05/06][meta-yocto] poky-alt: make default kernel 6.18                
  [06/06][meta-yocto] yocto-bsp: genericx86: bump default kernel to 6.18

---
Diffstat:
  openembedded-core:
    .../kern-tools/kern-tools-native_git.bb            |    2 +-
    ...-headers_6.17.bb => linux-libc-headers_6.18.bb} |    3 +-
    meta/recipes-kernel/linux/cve-exclusion_6.12.inc   |  632 +++++++++++-
    ...e-exclusion_6.17.inc => cve-exclusion_6.18.inc} | 1040 ++++++++++++++++----
    meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb   |    6 +-
    meta/recipes-kernel/linux/linux-yocto-rt_6.16.bb   |    2 +-
    ...nux-yocto-rt_6.17.bb => linux-yocto-rt_6.18.bb} |   12 +-
    meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb |    6 +-
    meta/recipes-kernel/linux/linux-yocto-tiny_6.16.bb |    2 +-
    ...yocto-tiny_6.17.bb => linux-yocto-tiny_6.18.bb} |   12 +-
    meta/recipes-kernel/linux/linux-yocto_6.12.bb      |   28 +-
    meta/recipes-kernel/linux/linux-yocto_6.16.bb      |    4 +-
    .../{linux-yocto_6.17.bb => linux-yocto_6.18.bb}   |   52 +-
    13 files changed, 1526 insertions(+), 275 deletions(-)

  meta-yocto:
    meta-poky/conf/distro/include/poky-distro-alt-test-config.inc         | 2 +-
    meta-poky/conf/distro/poky-tiny.conf                                  | 2 +-
    meta-poky/conf/distro/poky.conf                                       | 4 ++--
    meta-yocto-bsp/conf/machine/include/genericx86-common.inc             | 2 +-
    .../linux/{linux-yocto_6.17.bbappend => linux-yocto_6.18.bbappend}    | 4 ++--
    5 files changed, 7 insertions(+), 7 deletions(-)

-- 
2.39.2

[01/15][openembedded-core] kern-tools: fix commit SHA reproducibility with raw diffs

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit:

  commit a4a362d9f4f0abc8ab145a8673166b9bd875731a (HEAD -> master, origin/master, origin/HEAD)
  Author: Hubert Wiśniewski <hubert.wisniewski.25632@gmail.com>
  Date:   Sat Nov 22 15:23:02 2025 +0100

      kgit-s2q: fix commit SHA reproducibility with raw diffs

      In case of git-am failure, kgit-s2q tries to read the date from the
      patch. Unfortunately, if the patch does not have a date (e.g. raw diff),
      no date is set and git uses the current system time.

      This patch makes kgit-s2q use SOURCE_DATE_EPOCH as the last resort or emit
      a warning if it's not available. Additionally, GIT_COMMITTER_DATE is set
      to GIT_AUTHOR_DATE if requested with --commit-sha option (same behavior as
      with git-am).

      Signed-off-by: Hubert Wiśniewski <hubert.wisniewski.25632@gmail.com>
      Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta/recipes-kernel/kern-tools/kern-tools-native_git.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
index 9240ee5db8..bd90316050 100644
--- a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
+++ b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "\
 
 DEPENDS += "git-replacement-native"
 
-SRCREV = "f589e1df23251d8319063da0a61c1016b2a0bf85"
+SRCREV = "a4a362d9f4f0abc8ab145a8673166b9bd875731a"
 PV = "0.3+git"
 
 inherit native
-- 
2.39.2

[02/15][openembedded-core] linux-yocto/6.12: update to v6.12.61

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:

    dcbeffaf66d03 Linux 6.12.61
    c640adf07d874 spi: spi-nxp-fspi: Check return value of devm_mutex_init()
    e656ba6ca5347 drm/i915/dp: Initialize the source OUI write timestamp always
    fe0d2f610f12f Revert "ACPI: Suppress misleading SPCR console message when SPCR table is absent"
    a1eb56723b320 wifi: ath12k: correctly handle mcast packets for clients
    a017b984db205 net: dsa: microchip: Free previously initialized ports on init failures
    7f0bc8f2c8995 net: dsa: microchip: Do not execute PTP driver code for unsupported switches
    482330f8261b4 drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup
    1ba6da6ca3db7 net: dsa: microchip: Fix symetry in ksz_ptp_msg_irq_{setup/free}()
    6bee6fc3ed124 KVM: SVM: Fix redundant updates of LBR MSR intercepts
    76b0fef087465 KVM: nSVM: Fix and simplify LBR virtualization handling with nested
    c931ea944e575 KVM: nSVM: Always recalculate LBR MSR intercepts in svm_update_lbrv()
    d8a64e55ceb26 KVM: SVM: Introduce svm_recalc_lbr_msr_intercepts()
    592db83615a9f mm/huge_memory: fix NULL pointer deference when splitting folio
    10014310193cf usb: gadget: udc: fix use-after-free in usb_gadget_state_work
    0a544833e2664 usb: udc: Add trace event for usb_gadget_set_state
    f88ba5098e833 can: rcar_canfd: Fix CAN-FD mode as default
    59cb298d69c0b usb: typec: ucsi: psy: Set max current to zero when disconnected
    6326eb4c58dbf nfsd: Replace clamp_t in nfsd4_get_drc_mem()
    bccf7c5cd434a staging: rtl8712: Remove driver using deprecated API wext
    e67e3be690f5f libceph: replace BUG_ON with bounds check for map->max_osd
    5ef575834ca99 libceph: prevent potential out-of-bounds writes in handle_auth_session_key()
    e08021b3b56b2 libceph: fix potential use-after-free in have_mon_and_osd_map()
    9428654c827fa net: dsa: microchip: Don't free uninitialized ksz_irq
    040444baae90c net: dsa: microchip: ptp: Fix checks on irq_find_mapping()
    4d15bbe4997cf net: dsa: microchip: common: Fix checks on irq_find_mapping()
    901a8766734b6 drm/amd/display: Don't change brightness for disabled connectors
    f7cf491cd5b54 drm/amd/display: Check NULL before accessing
    204d3bb80c927 drm/amd/amdgpu: reserve vm invalidation engine for uni_mes
    9cb4deb88350b drm: sti: fix device leaks at component probe
    d24483349b012 USB: serial: option: add support for Rolling RW101R-GL
    4009495262338 USB: serial: ftdi_sio: add support for u-blox EVK-M101
    81fbc6f6dcaab xhci: dbgtty: fix device unregister
    aa55e09cfc4b6 xhci: dbgtty: Fix data corruption when transmitting data form DbC to host
    d77efd7b3def7 xhci: fix stale flag preventig URBs after link state error is cleared
    7cfb62888eba2 usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
    61fcb9833071f usb: dwc3: pci: Sort out the Intel device IDs
    425ef1fa2ca7e usb: dwc3: pci: add support for the Intel Nova Lake -S
    2b90a8131c83f usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer
    a20f1dd19d21d usb: storage: sddr55: Reject out-of-bound new_pba
    fada9c8f7ee80 USB: storage: Remove subclass and protocol overrides from Novatek quirk
    0f18eac44c566 usb: storage: Fix memory leak in USB bulk transport
    26838f147aeaa usb: renesas_usbhs: Fix synchronous external abort on unbind
    e72c963177c70 usb: gadget: f_eem: Fix memory leak in eem_unwrap
    77124212374da usb: cdns3: Fix double resource release in cdns3_pci_probe
    2274767dc02b7 most: usb: fix double free on late probe failure
    8fef76f57966c serial: amba-pl011: prefer dma_mapping_error() over explicit address checking
    05f5e26d488cd mptcp: Initialise rcv_mss before calling tcp_send_active_reset() in mptcp_do_fastclose().
    3725bca17d021 mptcp: clear scheduled subflows on retransmit
    ce3b8270392fd mmc: sdhci-of-dwcmshc: Promote the th1520 reset handling to ip level
    50b4c1c28733a mm/memfd: fix information leak in hugetlb folios
    60ab1851614e6 firmware: stratix10-svc: fix bug in saving controller data
    96d9a20a66d56 nvmem: layouts: fix nvmem_layout_bus_uevent
    0904f0400e93c slimbus: ngd: Fix reference count leak in qcom_slim_ngd_notify_slaves
    1a96b5f823a34 thunderbolt: Add support for Intel Wildcat Lake
    f15288c137d96 smb: client: fix memory leak in cifs_construct_tcon()
    237f00629b246 drivers/usb/dwc3: fix PCI parent check
    b3f5d4f6af00b dm-verity: fix unreliable memory allocation
    47144748fbf12 ceph: fix crash in process_v2_sparse_read() for encrypted directories
    b6aa7c5e29cdb can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling
    0f7213b8fbc66 can: sja1000: fix max irq loop handling
    2fa09fe98ca3b Bluetooth: btusb: mediatek: Avoid btusb_mtk_claim_iso_intf() NULL deref
    667ac86882322 atm/fore200e: Fix possible data race in fore200e_open()
    df4630d02b42a ARM: dts: nxp: imx6ul: correct SAI3 interrupt line
    b543d79b4f48a arm64: dts: imx8qm-mek: fix mux-controller select/enable-gpios polarity
    8e93451fe5394 arm64: dts: imx8dxl-ss-conn: swap interrupts number of eqos
    866df92e7041a ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230
    922fdd0b755a8 tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs
    63a93d1cd6077 MIPS: mm: kmalloc tlb_vpn array to avoid stack overflow
    135178e90aa43 MIPS: mm: Prevent a TLB shutdown on initial uniquification
    45abbbdb46578 iio: adc: rtq6056: Correct the sign bit index
    6656fbfee4f42 iio: adc: ad7280a: fix ad7280_store_balance_timer()
    96a474c35d0f3 iio: accel: fix ADXL355 startup race condition
    65ad4ed983fd9 iio: accel: bmc150: Fix irq assumption regression
    9ef53b3540338 iio: adc: stm32-dfsdm: fix st,adc-alt-channel property handling
    5b82774d0e4fa iio:common:ssp_sensors: Fix an error handling path ssp_probe()
    90e8768209264 iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields
    9434c58b8e421 iio: humditiy: hdc3020: fix units for thresholds and hysteresis
    70e1c26f8c469 iio: humditiy: hdc3020: fix units for temperature and humidity measurement
    af8a7abca453d iio: buffer: support getting dma channel from the buffer
    6717a94824203 iio: buffer-dmaengine: enable .get_dma_dev()
    61f136211d063 iio: buffer-dma: support getting the DMA channel
    0cc09278c39c4 Revert "perf/x86: Always store regs->ip in perf_callchain_kernel()"
    a2b16ee991df0 Revert "drm/amd/display: Move setup_stream_attribute"
    e31194bf494f6 spi: bcm63xx: fix premature CS deassertion on RX-only transactions
    74d016b9909e0 spi: nxp-fspi: Propagate fwnode in ACPI case as well
    29504b730405c spi: spi-nxp-fspi: Add OCT-DTR mode support
    96ff82494bb3e spi: spi-nxp-fspi: remove the goto in probe
    f08573eb642e6 spi: nxp-fspi: Support per spi-mem operation frequency switches
    c02d4deb82225 spi: spi-mem: Add a new controller capability
    0941b7cdfc023 spi: spi-mem: Extend spi-mem operations with a per-operation maximum frequency
    698c2abf5280c spi: spi-mem: Allow specifying the byte order in Octal DTR mode
    1f4a8954c6755 spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors
    6e5ee3c217265 spi: tegra114: remove Kconfig dependency on TEGRA20_APB_DMA
    4a16b2a0c1f03 fs/namespace: fix reference leak in grab_requested_mnt_ns
    1080ed39eae39 mailbox: pcc: don't zero error register
    733e3d0c1ab37 mailbox: pcc: Refactor error handling in irq handler into separate function
    ba7a25411c6a5 mailbox: mtk-cmdq: Refine DMA address handling for the command buffer
    f73d41f2a1d6f mailbox: mailbox-test: Fix debugfs_create_dir error checking
    779a422b45d0b usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable() errors
    051e941285b2d iio: st_lsm6dsx: Fixed calibrated timestamp calculation
    4c6c2cf740532 net: fec: do not register PPS event for PEROUT
    ca2964a7cb1ee net: fec: do not allow enabling PPS and PEROUT simultaneously
    10bc6ce79eaab net: fec: do not update PEROUT if it is enabled
    18a474a325572 net: fec: cancel perout_timer when PEROUT is disabled
    3fd2105e1b7e0 net: atlantic: fix fragment overflow handling in RX path
    c40cbebc1a5f4 eth: fbnic: Fix counter roll-over issue
    7c18cd7aa31c1 net: dsa: sja1105: fix SGMII linking at 10M or 100M but not passing traffic
    5b5159fc64fb7 net: dsa: sja1105: simplify static configuration reload
    b7e9ba8dfbfaa net: wwan: mhi: Keep modem name match with Foxconn T99W640
    b46aaeafd6da9 drm/amdgpu: fix cyan_skillfish2 gpu info fw handling
    45b5b4ddb8d6b net: sxgbe: fix potential NULL dereference in sxgbe_rx()
    4040b5e896398 team: Move team device type change at the end of team_port_add
    cf7922c7597a8 net/mlx5e: Fix validation logic in rate limiting
    15f4066889157 drm/xe: Fix conversion from clock ticks to milliseconds
    c20df1e31be2f net: lan966x: Fix the initialization of taprio
    47e6085425bdc net: aquantia: Add missing descriptor cache invalidation on ATL2
    a21615a4ac6fe platform/x86: intel: punit_ipc: fix memory corruption
    fec6e69f0a35d net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY
    c1ceabcb347d1 veth: reduce XDP no_direct return section to fix race
    dd419a3f2ebc1 veth: more robust handing of race to avoid txq getting stuck
    76bed44c5a3c3 veth: prevent NULL pointer dereference in veth_xdp_rcv
    9fe31b3f31453 veth: apply qdisc backpressure on full ptr_ring to reduce TX drops
    bf7528722e936 net: sched: generalize check for no-queue qdisc on TX queue
    429bcd8ffa531 Bluetooth: SMP: Fix not generating mackey and ltk when repairing
    e90c05fc5bbea Bluetooth: hci_sock: Prevent race in socket write iter and sock bind
    b1225ccdbdf86 Bluetooth: hci_core: Fix triggering cmd_timer for HCI_OP_NOP
    421e88a0d8578 Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface
    ad55004a3cb5b can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data
    616eee3e895b8 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header
    4a82072e451ea can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs
    0897cea266e39 can: kvaser_usb: leaf: Fix potential infinite loop in command parsers

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/linux-yocto-rt_6.12.bb              |  6 ++--
 .../linux/linux-yocto-tiny_6.12.bb            |  6 ++--
 meta/recipes-kernel/linux/linux-yocto_6.12.bb | 28 +++++++++----------
 3 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
index c4cef55c86..9e29a82ea5 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
@@ -14,13 +14,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "b23e01aff4eb21167db80c8d178ffeaf174be51c"
-SRCREV_meta ?= "204830448d850850867fa4ca7ee0dab04fdb7011"
+SRCREV_machine ?= "114f737b448424bfd7c43548ae1e58fd59629d69"
+SRCREV_meta ?= "b79e50adbe76c872daa7748ac7ac9c80b253e2b9"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https"
 
-LINUX_VERSION ?= "6.12.60"
+LINUX_VERSION ?= "6.12.61"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
index 2818a9fd40..7654b1f1ce 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # CVE exclusions
 include recipes-kernel/linux/cve-exclusion_6.12.inc
 
-LINUX_VERSION ?= "6.12.60"
+LINUX_VERSION ?= "6.12.61"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_meta ?= "204830448d850850867fa4ca7ee0dab04fdb7011"
+SRCREV_machine ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_meta ?= "b79e50adbe76c872daa7748ac7ac9c80b253e2b9"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.12.bb b/meta/recipes-kernel/linux/linux-yocto_6.12.bb
index 4a82ea08a2..9c34e0b51f 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.12.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86.104 ?= "v6.12/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.12/standard/base"
 KBRANCH:qemumips64 ?= "v6.12/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "0435f9a900bbfb3daa3a28123d517c6437831628"
-SRCREV_machine:qemuarm64 ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_machine:qemuloongarch64 ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_machine:qemumips ?= "07d29856173d5d2cec0a67801492a95a00e03491"
-SRCREV_machine:qemuppc ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_machine:qemuriscv64 ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_machine:qemuriscv32 ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_machine:qemux86 ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_machine:qemux86-64 ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_machine:qemumips64 ?= "f21d4ebef1ebdfd38a182e87c7bdaad6fe79ba3c"
-SRCREV_machine ?= "cd2fe60ac1c07ad28e3c84e4325c3f8163ce3719"
-SRCREV_meta ?= "204830448d850850867fa4ca7ee0dab04fdb7011"
+SRCREV_machine:qemuarm ?= "01d15e59dee5c1c149992c55072ea3ffd06e803f"
+SRCREV_machine:qemuarm64 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_machine:qemuloongarch64 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_machine:qemumips ?= "20382395aabd0edcee9edb6e4a9fc964782e9f66"
+SRCREV_machine:qemuppc ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_machine:qemuriscv64 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_machine:qemuriscv32 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_machine:qemux86 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_machine:qemux86-64 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_machine:qemumips64 ?= "795cfe93f0ba66e70c427b244c3a42a3150d23d1"
+SRCREV_machine ?= "b9d9738047f6057fdbdb871bdc93771069995308"
+SRCREV_meta ?= "b79e50adbe76c872daa7748ac7ac9c80b253e2b9"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "318a47068f7b88de838518897500d7509e3fe205"
+SRCREV_machine:class-devupstream ?= "dcbeffaf66d03968970d7d68ec7800032d00180e"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v6.12/base"
 
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.12.60"
+LINUX_VERSION ?= "6.12.61"
 
 PV = "${LINUX_VERSION}+git"
 
-- 
2.39.2

[03/15][openembedded-core] linux-yocto/6.12: update CVE exclusions (6.12.61)

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 11 changes (2 new | 9 updated): - 2 new CVEs: CVE-2025-66533, CVE-2025-67467 - 9 updated CVEs: CVE-2025-10655, CVE-2025-2296, CVE-2025-67504, CVE-2025-67574, CVE-2025-67575, CVE-2025-67576, CVE-2025-67577, CVE-2025-67578, CVE-2025-67579
        Date: Tue, 9 Dec 2025 15:12:34 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.12.inc              | 630 +++++++++++++++++-
 1 file changed, 627 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index 5ca6f53fde..d272b74737 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-12-02 23:35:41.082808+00:00 for kernel version 6.12.60
-# From linux_kernel_cves cve_2025-12-02_2300Z-2-g67370d1b4b8
+# Generated at 2025-12-09 15:18:04.005747+00:00 for kernel version 6.12.61
+# From linux_kernel_cves cve_2025-12-09_1500Z
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.12.60"
+    this_version = "6.12.61"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -5326,6 +5326,140 @@ CVE_STATUS[CVE-2022-50581] = "fixed-version: Fixed from version 6.2"
 
 CVE_STATUS[CVE-2022-50582] = "fixed-version: Fixed from version 6.1"
 
+CVE_STATUS[CVE-2022-50583] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50614] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50615] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50616] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50617] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50618] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50619] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50620] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50621] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50622] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50623] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50624] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50625] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50626] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50627] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2022-50628] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2022-50629] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2022-50630] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50631] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50632] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50633] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50634] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50635] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50636] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50637] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50638] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50639] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50640] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50641] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50642] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50643] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50644] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50645] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50646] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50647] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50648] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50649] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50650] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50651] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50652] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50653] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50654] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50655] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50656] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50657] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50658] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50659] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50660] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2022-50661] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50662] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50663] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50664] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50665] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50666] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50667] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50668] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50669] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50670] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50671] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50672] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50673] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50674] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50675] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50676] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50677] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50678] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50679] = "fixed-version: Fixed from version 6.1"
+
 CVE_STATUS[CVE-2023-32246] = "fixed-version: Fixed from version 6.4"
 
 CVE_STATUS[CVE-2023-32249] = "fixed-version: Fixed from version 6.4"
@@ -7672,6 +7806,238 @@ CVE_STATUS[CVE-2023-53732] = "fixed-version: Fixed from version 6.4"
 
 CVE_STATUS[CVE-2023-53733] = "fixed-version: Fixed from version 6.5"
 
+CVE_STATUS[CVE-2023-53742] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53743] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53744] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53745] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53746] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53747] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53748] = "fixed-version: Fixed from version 6.4"
+
+# CVE-2023-53749 has no known resolution
+
+CVE_STATUS[CVE-2023-53750] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53751] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53752] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53753] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53754] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53755] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53756] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53757] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53758] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53759] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53760] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53761] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53762] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53763] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53764] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53765] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53766] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53767] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53768] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53769] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53777] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53778] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53779] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53780] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53781] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53782] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53783] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53784] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53785] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53786] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53787] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53788] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53789] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53790] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53791] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53792] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53793] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53794] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53795] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53796] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53797] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53798] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53799] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53800] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53801] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53802] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53803] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53804] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53806] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53807] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53808] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53809] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53810] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53811] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53812] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53813] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53814] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53815] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53816] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53817] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53818] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53819] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53820] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53821] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53822] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53823] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53824] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53825] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53826] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53827] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53828] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53829] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53830] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53831] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53832] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53833] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53834] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53836] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53837] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53838] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53839] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53840] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53841] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53842] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53843] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53844] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53845] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53846] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53847] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53848] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53849] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53850] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53851] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53852] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53853] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53854] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53855] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53856] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53857] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53858] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53859] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53860] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53861] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53862] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53863] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53864] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53865] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53866] = "fixed-version: Fixed from version 6.3"
+
 CVE_STATUS[CVE-2023-7324] = "fixed-version: Fixed from version 6.3"
 
 CVE_STATUS[CVE-2024-26581] = "fixed-version: Fixed from version 6.8"
@@ -17898,9 +18264,267 @@ CVE_STATUS[CVE-2025-40212] = "cpe-stable-backport: Backported in 6.12.59"
 
 CVE_STATUS[CVE-2025-40213] = "fixed-version: only affects 6.17 onwards"
 
+CVE_STATUS[CVE-2025-40214] = "cpe-stable-backport: Backported in 6.12.59"
+
+# CVE-2025-40215 needs backporting (fixed from 6.16)
+
+CVE_STATUS[CVE-2025-40216] = "cpe-stable-backport: Backported in 6.12.36"
+
+# CVE-2025-40217 needs backporting (fixed from 6.18)
+
+CVE_STATUS[CVE-2025-40218] = "cpe-stable-backport: Backported in 6.12.54"
+
+CVE_STATUS[CVE-2025-40219] = "cpe-stable-backport: Backported in 6.12.54"
+
+CVE_STATUS[CVE-2025-40220] = "cpe-stable-backport: Backported in 6.12.54"
+
+CVE_STATUS[CVE-2025-40221] = "cpe-stable-backport: Backported in 6.12.54"
+
+CVE_STATUS[CVE-2025-40222] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2025-40223] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40224] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40225] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40226] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40227] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40228] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40229] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40230] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40231] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40232] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2025-40233] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40234] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2025-40235] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40236] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2025-40237] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40238] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40239] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40240] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40241] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40242] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40243] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40244] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40245] = "cpe-stable-backport: Backported in 6.12.56"
+
+CVE_STATUS[CVE-2025-40246] = "cpe-stable-backport: Backported in 6.12.60"
+
+# CVE-2025-40247 needs backporting (fixed from 6.18)
+
+CVE_STATUS[CVE-2025-40248] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40249] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-40250] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40251] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40252] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40253] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40254] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40255] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-40256] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2025-40257] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40258] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40259] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40260] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2025-40261] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40262] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40263] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40264] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40265] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40266] = "cpe-stable-backport: Backported in 6.12.60"
+
+CVE_STATUS[CVE-2025-40267] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-40268] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40269] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40270] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40271] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40272] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40273] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40274] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40275] = "cpe-stable-backport: Backported in 6.12.59"
+
+# CVE-2025-40276 needs backporting (fixed from 6.18)
+
+CVE_STATUS[CVE-2025-40277] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40278] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40279] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40280] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40281] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40282] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40283] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40284] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40285] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40286] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40287] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40288] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40289] = "cpe-stable-backport: Backported in 6.12.59"
+
+CVE_STATUS[CVE-2025-40290] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2025-40291] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40292] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40293] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40294] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40295] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-40296] = "fixed-version: only affects 6.16 onwards"
+
+CVE_STATUS[CVE-2025-40297] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40298] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2025-40299] = "fixed-version: only affects 6.17 onwards"
+
 CVE_STATUS[CVE-2025-40300] = "cpe-stable-backport: Backported in 6.12.47"
 
+CVE_STATUS[CVE-2025-40301] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40302] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40303] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40304] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40305] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40306] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40307] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40308] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40309] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40310] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40311] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40312] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40313] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40314] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40315] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40316] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40317] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40318] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40319] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40320] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40321] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40322] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40323] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40324] = "cpe-stable-backport: Backported in 6.12.58"
+
 # CVE-2025-40325 needs backporting (fixed from 6.15)
 
+CVE_STATUS[CVE-2025-40326] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-40327] = "fixed-version: only affects 6.17 onwards"
+
+CVE_STATUS[CVE-2025-40328] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40329] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40330] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-40331] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40332] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40333] = "cpe-stable-backport: Backported in 6.12.58"
+
+# CVE-2025-40334 needs backporting (fixed from 6.18)
+
+# CVE-2025-40335 needs backporting (fixed from 6.18)
+
+# CVE-2025-40336 needs backporting (fixed from 6.18)
+
+CVE_STATUS[CVE-2025-40337] = "cpe-stable-backport: Backported in 6.12.58"
+
+# CVE-2025-40338 needs backporting (fixed from 6.18)
+
+CVE_STATUS[CVE-2025-40339] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40340] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40341] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40342] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40343] = "cpe-stable-backport: Backported in 6.12.58"
+
+CVE_STATUS[CVE-2025-40344] = "cpe-stable-backport: Backported in 6.12.58"
+
 CVE_STATUS[CVE-2025-40364] = "cpe-stable-backport: Backported in 6.12.14"
 
-- 
2.39.2

[04/15][openembedded-core] linux-yocto/6.12: update to v6.12.62

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:

    53d3c6ddbb974 Linux 6.12.62
    7bce22989c7b7 bus: mhi: host: pci_generic: Add Telit FN990B40 modem support
    4e3297ec0c469 bus: mhi: host: pci_generic: Add Telit FN920C04 modem support
    d1ab7f9cee22e staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
    61871c83259a5 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
    a54e2b2db1b7d staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
    f6e629dfe6f59 comedi: check device's attached status in compat ioctls
    8952bc1973cd5 comedi: multiq3: sanitize config options in multiq3_attach()
    9fd8c8ad35c8d comedi: c6xdigio: Fix invalid PNP driver unregistration
    ff100f869c2e6 wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1
    2f6ea894eba4c wifi: rtl8xxxu: Add USB ID 2001:3328 for D-Link AN3U rev. A1
    68852305e967c samples: work around glibc redefining some of our defines wrong
    4d9fb5428568f LoongArch: Mask all interrupts during kexec/kdump
    898c0794e7997 HID: elecom: Add support for ELECOM M-XT3URBK (018F)
    15bfd5b946a0c platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally
    84c2898ad1412 platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list
    9fc36198989e6 platform/x86: huawei-wmi: add keys for HONOR models
    b22703f8b5b37 HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list
    6e55ee83b1426 platform/x86: acer-wmi: Ignore backlight event
    a71677392ca53 pinctrl: qcom: msm: Fix deadlock in pinmux configuration
    e8061d02b49c5 nvme: fix admin request_queue lifetime
    573bccc5c2fcc HID: hid-input: Extend Elan ignore battery quirk to USB
    77899444d4616 bfs: Reconstruct file type when loading from disk
    002c4d2d8482b ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series
    e71a1bafe6f68 drm/amdkfd: Fix GPU mappings for APU after prefetch
    ef9b1e6b8f902 smb: fix invalid username check in smb3_fs_context_parse_param()
    4c5b89f381543 Bluetooth: btrtl: Avoid loading the config file on security chips
    f09812f4dcb13 drm/vmwgfx: Use kref in vmw_bo_dirty
    5daaca0150db8 spi: imx: keep dma request disabled before dma transfer setup
    a215b8db00b51 spi: xilinx: increase number of retries before declaring stall
    deff7dfc4dc4e ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct()
    700d4d1e785d8 USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC
    2ceb2b5813b29 USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC
    0423aaa295cee serial: add support of CPCI cards
    ccf6e31b91ae6 USB: serial: ftdi_sio: match on interface number for jtag
    31dea5e1c28ce USB: serial: option: move Telit 0x10c7 composition in the right place
    b38c151b4aaf6 USB: serial: option: add Telit Cinterion FE910C04 new compositions
    1f39939fbe2ef USB: serial: option: add Foxconn T99W760
    87cc1622c88a4 KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced
    5caa40e7c6a43 comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()
    22a76b0861ae6 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()
    b163a5e8c7032 locking/spinlock/debug: Fix data-race in do_raw_write_lock
    5ac763713a1ef ksmbd: ipc: fix use-after-free in ipc_msg_send_request
    210ac60a86a3a ext4: refresh inline data size before write operations
    a2a7f854d154a jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted
    432cb68e4555c Documentation: process: Also mention Sasha Levin as stable tree maintainer
    f68ffd58d444c xfrm: flush all states in xfrm_state_fini
    f7d879c19d306 xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added
    13b32a7e544c0 Revert "xfrm: destroy xfrm_state synchronously on net exit path"
    dc3636912d417 xfrm: delete x->tunnel as we delete x

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/linux-yocto-rt_6.12.bb              |  6 ++--
 .../linux/linux-yocto-tiny_6.12.bb            |  6 ++--
 meta/recipes-kernel/linux/linux-yocto_6.12.bb | 28 +++++++++----------
 3 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
index 9e29a82ea5..9ac8507f9f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
@@ -14,13 +14,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "114f737b448424bfd7c43548ae1e58fd59629d69"
-SRCREV_meta ?= "b79e50adbe76c872daa7748ac7ac9c80b253e2b9"
+SRCREV_machine ?= "921e3aa4f264810a46d67b9d6d84ff2707035cbc"
+SRCREV_meta ?= "0bc72383691f29eb7fc4661afa9d67e106635929"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https"
 
-LINUX_VERSION ?= "6.12.61"
+LINUX_VERSION ?= "6.12.62"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
index 7654b1f1ce..940561352c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # CVE exclusions
 include recipes-kernel/linux/cve-exclusion_6.12.inc
 
-LINUX_VERSION ?= "6.12.61"
+LINUX_VERSION ?= "6.12.62"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_meta ?= "b79e50adbe76c872daa7748ac7ac9c80b253e2b9"
+SRCREV_machine ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_meta ?= "0bc72383691f29eb7fc4661afa9d67e106635929"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.12.bb b/meta/recipes-kernel/linux/linux-yocto_6.12.bb
index 9c34e0b51f..84419f8c78 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.12.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86.104 ?= "v6.12/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.12/standard/base"
 KBRANCH:qemumips64 ?= "v6.12/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "01d15e59dee5c1c149992c55072ea3ffd06e803f"
-SRCREV_machine:qemuarm64 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_machine:qemuloongarch64 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_machine:qemumips ?= "20382395aabd0edcee9edb6e4a9fc964782e9f66"
-SRCREV_machine:qemuppc ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_machine:qemuriscv64 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_machine:qemuriscv32 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_machine:qemux86 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_machine:qemux86-64 ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_machine:qemumips64 ?= "795cfe93f0ba66e70c427b244c3a42a3150d23d1"
-SRCREV_machine ?= "b9d9738047f6057fdbdb871bdc93771069995308"
-SRCREV_meta ?= "b79e50adbe76c872daa7748ac7ac9c80b253e2b9"
+SRCREV_machine:qemuarm ?= "2b0e0a13ceb7489631bbd27be1562e7203b6bbde"
+SRCREV_machine:qemuarm64 ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_machine:qemuloongarch64 ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_machine:qemumips ?= "6b71abf154b206dfc44af020a74c9b9700fa966c"
+SRCREV_machine:qemuppc ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_machine:qemuriscv64 ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_machine:qemuriscv32 ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_machine:qemux86 ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_machine:qemux86-64 ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_machine:qemumips64 ?= "abc4547fe89dba23de4366b8cd183226cab0cf85"
+SRCREV_machine ?= "f206d396d0a1a71cc4911b8c6714fcc1ba561caf"
+SRCREV_meta ?= "0bc72383691f29eb7fc4661afa9d67e106635929"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "dcbeffaf66d03968970d7d68ec7800032d00180e"
+SRCREV_machine:class-devupstream ?= "53d3c6ddbb9749ebc06956a13ed6eead31402a7d"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v6.12/base"
 
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.12.61"
+LINUX_VERSION ?= "6.12.62"
 
 PV = "${LINUX_VERSION}+git"
 
-- 
2.39.2

[05/15][openembedded-core] linux-yocto/6.12: update CVE exclusions (6.12.62)

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 8 changes (0 new | 8 updated): - 0 new CVEs: - 8 updated CVEs: CVE-2024-41260, CVE-2025-13281, CVE-2025-14606, CVE-2025-14620, CVE-2025-14621, CVE-2025-67898, CVE-2025-67899, CVE-2025-7195
        Date: Mon, 15 Dec 2025 16:32:47 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta/recipes-kernel/linux/cve-exclusion_6.12.inc | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index d272b74737..4839a53cd9 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-12-09 15:18:04.005747+00:00 for kernel version 6.12.61
-# From linux_kernel_cves cve_2025-12-09_1500Z
+# Generated at 2025-12-15 16:44:27.465288+00:00 for kernel version 6.12.62
+# From linux_kernel_cves cve_2025-12-15_1600Z-2-gd297626114b
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.12.61"
+    this_version = "6.12.62"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -18266,7 +18266,7 @@ CVE_STATUS[CVE-2025-40213] = "fixed-version: only affects 6.17 onwards"
 
 CVE_STATUS[CVE-2025-40214] = "cpe-stable-backport: Backported in 6.12.59"
 
-# CVE-2025-40215 needs backporting (fixed from 6.16)
+CVE_STATUS[CVE-2025-40215] = "cpe-stable-backport: Backported in 6.12.62"
 
 CVE_STATUS[CVE-2025-40216] = "cpe-stable-backport: Backported in 6.12.36"
 
@@ -18526,5 +18526,7 @@ CVE_STATUS[CVE-2025-40343] = "cpe-stable-backport: Backported in 6.12.58"
 
 CVE_STATUS[CVE-2025-40344] = "cpe-stable-backport: Backported in 6.12.58"
 
+CVE_STATUS[CVE-2025-40345] = "cpe-stable-backport: Backported in 6.12.61"
+
 CVE_STATUS[CVE-2025-40364] = "cpe-stable-backport: Backported in 6.12.14"
 
-- 
2.39.2

[06/15][openembedded-core] linux-yocto/6.16: rust kernel configs

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to linux-yocto/.:

1/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: features/kernel-rust: Add feature to enable Rust kernel support
    Date: Thu, 11 Dec 2025 04:42:31 -0800

    Add a new kernel feature that enables Rust support in the kernel. This
    introduces kernel-rust.cfg to set Rust-related Kconfig options and
    kernel-rust.scc to define the feature metadata.

    The feature enables:
      - CONFIG_RUST
      - CONFIG_RUST_OVERFLOW_CHECKS
      - CONFIG_RUST_BUILD_ASSERT_ALLOW

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

2/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: kernel-sample: Add Rust sample configuration files
    Date: Thu, 11 Dec 2025 04:42:32 -0800

    Extend the existing kernel-sample feature by adding support for the Rust
    sample modules provided by the kernel. This adds a new kernel-rust-sample.cfg
    and corresponding .scc entry alongside the existing kernel-samples.cfg.

    The new configuration enables:
      - CONFIG_SAMPLES_RUST
      - CONFIG_SAMPLE_RUST_MINIMAL
      - CONFIG_SAMPLE_RUST_PRINT
      - CONFIG_SAMPLE_RUST_HOSTPROGS

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

3/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: debug: Add kernel Rust debug feature
    Date: Thu, 11 Dec 2025 04:42:33 -0800

    Add a new debug feature to enable Rust-related kernel debugging support.
    This introduces debug-kernel-rust.scc along with its associated Kconfig
    file debug-kernel-rust.cfg.

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_6.16.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_6.16.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_6.16.bb      | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.16.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.16.bb
index d1f7e76501..1230e4e805 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.16.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.16.bb
@@ -15,7 +15,7 @@ python () {
 }
 
 SRCREV_machine ?= "c31e0cb82247b36842209614bb72af9127ef2471"
-SRCREV_meta ?= "9e0a3e81b40db2b35e060ef001b3902a6a0996ac"
+SRCREV_meta ?= "12553099281a0d3ffbcf5860aedaa1062c8ffc78"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.16;destsuffix=${KMETA};protocol=https"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.16.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.16.bb
index ef904adad4..ffa15b0c1b 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.16.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.16.bb
@@ -18,7 +18,7 @@ KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
-SRCREV_meta ?= "9e0a3e81b40db2b35e060ef001b3902a6a0996ac"
+SRCREV_meta ?= "12553099281a0d3ffbcf5860aedaa1062c8ffc78"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.16.bb b/meta/recipes-kernel/linux/linux-yocto_6.16.bb
index 2188c7fed2..408f14b451 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.16.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.16.bb
@@ -22,14 +22,14 @@ SRCREV_machine:qemuarm ?= "cdb5121dcb8fbde2d7616011e8e84623914d17a4"
 SRCREV_machine:qemuarm64 ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
 SRCREV_machine:qemuloongarch64 ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
 SRCREV_machine:qemumips ?= "62ea92a539f58803a222be98b81118403074206e"
-SRCREV_machine:qemuppc ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
+SRCREV_machine:qemuppc ?= "c80bee672268c633df8e4e37bfe6b0eda2a32f8d"
 SRCREV_machine:qemuriscv64 ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
 SRCREV_machine:qemuriscv32 ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
 SRCREV_machine:qemux86 ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
 SRCREV_machine:qemux86-64 ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
 SRCREV_machine:qemumips64 ?= "9fb4ff0187c85426f21fd40d4c61b742800f65c4"
 SRCREV_machine ?= "42ddd61a7bcedefc5eaedb89e91dcec7061e78ce"
-SRCREV_meta ?= "9e0a3e81b40db2b35e060ef001b3902a6a0996ac"
+SRCREV_meta ?= "12553099281a0d3ffbcf5860aedaa1062c8ffc78"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
-- 
2.39.2

[07/15][openembedded-core] linux-yocto/6.17: update to v6.17.11

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/6.17 to the latest korg -stable release that comprises
the following commits:

    5439375ca6987 Linux 6.17.11
    433ec03c531fe spi: cadence-quadspi: Fix cqspi_probe() error handling for runtime pm
    8444e2491524c Revert "ACPI: Suppress misleading SPCR console message when SPCR table is absent"
    3b32caa73d135 usb: gadget: udc: fix use-after-free in usb_gadget_state_work
    66bd704199465 usb: udc: Add trace event for usb_gadget_set_state
    5ddd41b6877ff mm: swap: remove duplicate nr_swap_pages decrement in get_swap_page_of_type()
    b4368b7f97014 libceph: replace BUG_ON with bounds check for map->max_osd
    6920ff09bf911 libceph: prevent potential out-of-bounds writes in handle_auth_session_key()
    3fc43120b22a3 libceph: fix potential use-after-free in have_mon_and_osd_map()
    ae12e4e0ca231 net: dsa: microchip: Fix symetry in ksz_ptp_msg_irq_{setup/free}()
    649f2ff1ef6ea net: dsa: microchip: Free previously initialized ports on init failures
    32abbcf4379a0 net: dsa: microchip: Don't free uninitialized ksz_irq
    903c8a114fa2b net: dsa: microchip: ptp: Fix checks on irq_find_mapping()
    21d2c2423473c net: dsa: microchip: common: Fix checks on irq_find_mapping()
    330198fe2642e drm/amd/display: Increase EDID read retries
    c36bc1d09b636 drm/amd/display: Don't change brightness for disabled connectors
    62150f1e7ec70 drm/amd/display: Check NULL before accessing
    418ec6670bc2e drm/amd/amdgpu: reserve vm invalidation engine for uni_mes
    23316ed02c228 drm/amdgpu: attach tlb fence to the PTs update
    1966838d1c821 drm/xe/guc: Fix stack_depot usage
    e19d1d97d7f77 drm/i915/psr: Reject async flips when selective fetch is enabled
    b4f97ed17917c drm: sti: fix device leaks at component probe
    960e1220ef4ec USB: serial: option: add support for Rolling RW101R-GL
    317ee5d0123a2 USB: serial: ftdi_sio: add support for u-blox EVK-M101
    5cb53ca8e81cc xhci: dbgtty: fix device unregister
    372f1b4029b8a xhci: dbgtty: Fix data corruption when transmitting data form DbC to host
    cc794fd11df12 xhci: fix stale flag preventig URBs after link state error is cleared
    fa5eaf701e576 usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
    2b653f426ef68 usb: dwc3: pci: Sort out the Intel device IDs
    fcde9a1000f4c usb: dwc3: pci: add support for the Intel Nova Lake -S
    426edbfc88b22 usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer
    222f5fdae114d usb: typec: ucsi: psy: Set max current to zero when disconnected
    5ebe8d479aaf4 usb: storage: sddr55: Reject out-of-bound new_pba
    96ada13ff2241 USB: storage: Remove subclass and protocol overrides from Novatek quirk
    5b815ddb3f556 usb: storage: Fix memory leak in USB bulk transport
    aa658a6d5ac21 usb: renesas_usbhs: Fix synchronous external abort on unbind
    0dea2e0069a7e usb: gadget: f_eem: Fix memory leak in eem_unwrap
    6e6fbcf1ce751 usb: cdns3: Fix double resource release in cdns3_pci_probe
    8d8ffefe3d5d8 most: usb: fix double free on late probe failure
    a2df53d860af7 serial: amba-pl011: prefer dma_mapping_error() over explicit address checking
    e86233f052c7e serial: 8250: Fix 8250_rsa symbol loop
    88163f85d59b4 mptcp: Initialise rcv_mss before calling tcp_send_active_reset() in mptcp_do_fastclose().
    8cb509600a447 mptcp: clear scheduled subflows on retransmit
    3f6769860a33f mmc: sdhci-of-dwcmshc: Promote the th1520 reset handling to ip level
    b09d7c4dc6428 mm/memfd: fix information leak in hugetlb folios
    d1b83fbacd439 mm/huge_memory: fix NULL pointer deference when splitting folio
    39e383af172a8 iommufd/driver: Fix counter initialization for counted_by annotation
    bd226fa02ed6d firmware: stratix10-svc: fix bug in saving controller data
    14459281e027f io_uring/net: ensure vectored buffer node import is tied to notification
    2db8fba9174c1 regulator: rtq2208: Correct LDO2 logic judgment bits
    4842b9514e35e regulator: rtq2208: Correct buck group2 phase mapping logic
    8df4a3489e80b r8169: fix RTL8127 hang on suspend/shutdown
    77d8281433ca7 pmdomain: tegra: Add GENPD_FLAG_NO_STAY_ON flag
    cef910cef13b1 nvmem: layouts: fix nvmem_layout_bus_uevent
    4795c823a4aaa slimbus: ngd: Fix reference count leak in qcom_slim_ngd_notify_slaves
    86cfe2d6e0a50 thunderbolt: Add support for Intel Wildcat Lake
    a67e91d5f446e smb: client: fix memory leak in cifs_construct_tcon()
    05814c389b53d drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup
    8ba9d114bbe5d drivers/usb/dwc3: fix PCI parent check
    c04a2db8eaf60 dm-verity: fix unreliable memory allocation
    995b14d7d1e2d counter: microchip-tcb-capture: Allow shared IRQ for multi-channel TCBs
    7d1b7de853f7d ceph: fix crash in process_v2_sparse_read() for encrypted directories
    db1b7ae308364 can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling
    12bfa4d790ec2 can: sja1000: fix max irq loop handling
    94533839dc239 can: rcar_canfd: Fix CAN-FD mode as default
    c3b990e0b2306 Bluetooth: btusb: mediatek: Avoid btusb_mtk_claim_iso_intf() NULL deref
    6610361458e7e atm/fore200e: Fix possible data race in fore200e_open()
    cc69a053deb00 ARM: dts: nxp: imx6ul: correct SAI3 interrupt line
    302cad025cd0a arm64: dts: imx8qm-mek: fix mux-controller select/enable-gpios polarity
    8744c3bf1c35b arm64: dts: imx8dxl: Correct pcie-ep interrupt number
    ae41104ba57ac arm64: dts: imx8dxl-ss-conn: swap interrupts number of eqos
    bf94c1adc8b05 ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230
    9eb7c124d356c ALSA: hda/cirrus fix cs420x MacPro 6,1 inverted jack detection
    45053c12c45f0 tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs
    967301b3fd59d vhost: rewind next_avail_head while discarding descriptors
    60aa73bf7a4c2 virtio-net: avoid unnecessary checksum calculation on guest RX
    81edb2fcccfdc MIPS: mm: kmalloc tlb_vpn array to avoid stack overflow
    6ae28d0d47e4e MIPS: mm: Prevent a TLB shutdown on initial uniquification
    84e4e4790eb83 iio: adc: rtq6056: Correct the sign bit index
    ead79c9e8e330 iio: adc: ad7380: fix SPI offload trigger rate
    38992f484d5bf iio: adc: ad7280a: fix ad7280_store_balance_timer()
    9d0adde131959 iio: adc: ad7124: fix temperature channel
    b583bdb46d373 iio: adc: ad4030: Fix _scale value for common-mode channels
    3d52cc840f044 iio: accel: fix ADXL355 startup race condition
    93eaa5ddc5fc4 iio: accel: bmc150: Fix irq assumption regression
    b970cbe914727 iio: adc: stm32-dfsdm: fix st,adc-alt-channel property handling
    b99f61b256f3e iio:common:ssp_sensors: Fix an error handling path ssp_probe()
    bf1d563d61949 iio: pressure: bmp280: correct meas_time_us calculation
    81219e987d05b iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields
    a3034133f2bbd iio: humditiy: hdc3020: fix units for thresholds and hysteresis
    56b6a28e63f18 iio: humditiy: hdc3020: fix units for temperature and humidity measurement
    b0c0ab51c04ee iio: buffer: support getting dma channel from the buffer
    1541370ce73b8 iio: buffer-dmaengine: enable .get_dma_dev()
    832930c111b62 iio: buffer-dma: support getting the DMA channel
    cc29a4bed6c33 Revert "perf/x86: Always store regs->ip in perf_callchain_kernel()"
    7133cd6818291 Revert "drm/amd/display: Move setup_stream_attribute"
    152c4bc73c3db timekeeping: Fix error code in tk_aux_sysfs_init()
    fd50547165444 afs: Fix uninit var in afs_alloc_anon_key()
    be1f77ed0b4dd spi: bcm63xx: fix premature CS deassertion on RX-only transactions
    cece2a2d2e666 spi: nxp-fspi: Propagate fwnode in ACPI case as well
    d5d05cc0b42df spi: spi-nxp-fspi: Add OCT-DTR mode support
    7f19e9d28703e spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors
    2fc1c72d85783 spi: tegra114: remove Kconfig dependency on TEGRA20_APB_DMA
    e6b879ef1a63a riscv: dts: allwinner: d1: fix vlenb property
    2e2aea13983c9 ovl: fail ovl_lock_rename_workdir() if either target is unhashed
    5613bde937dfa afs: Fix delayed allocation of a cell's anonymous key
    fe256e59b8e7f fs/namespace: fix reference leak in grab_requested_mnt_ns
    7f3c5e0585250 spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance
    237aaa8cb2593 spi: spi-cadence-quadspi: Remove duplicate pm_runtime_put_autosuspend() call
    fd7fb5ecd6a56 mailbox: pcc: don't zero error register
    26cc0fcbc543e mailbox: mtk-cmdq: Refine DMA address handling for the command buffer
    78db090440c56 mailbox: mailbox-test: Fix debugfs_create_dir error checking
    e80aaf3aff150 usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable() errors
    981f3da383cea iio: st_lsm6dsx: Fixed calibrated timestamp calculation
    763e3f496c89d net: fec: do not register PPS event for PEROUT
    1319841e52cf0 net: fec: do not allow enabling PPS and PEROUT simultaneously
    a34137dfdb7a5 net: fec: do not update PEROUT if it is enabled
    f0d1666f0e769 net: fec: cancel perout_timer when PEROUT is disabled
    d5796cf53b080 net: mctp: unconditionally set skb->dev on dst output
    64e47cd1fd631 net: atlantic: fix fragment overflow handling in RX path
    6f4fc4e4f47f3 eth: fbnic: Fix counter roll-over issue
    840cb877f3a5c net: dsa: sja1105: fix SGMII linking at 10M or 100M but not passing traffic
    e0f8ed1373789 net: wwan: mhi: Keep modem name match with Foxconn T99W640
    a8fc4440db707 dma-direct: Fix missing sg_dma_len assignment in P2PDMA bus mappings
    4a9a4f9f917c4 drm/amdgpu: fix cyan_skillfish2 gpu info fw handling
    c5ea2e50b5c9a xsk: avoid data corruption on cq descriptor number
    49d2cea7249a5 xsk: avoid overwriting skb fields for multi-buffer traffic
    88f46c0be77bf net: sxgbe: fix potential NULL dereference in sxgbe_rx()
    e3eed4f038214 team: Move team device type change at the end of team_port_add
    72ea0aadf7c90 net/mlx5e: Fix validation logic in rate limiting
    624ea86fd6e26 drm/xe: Fix conversion from clock ticks to milliseconds
    e025475913565 net: lan966x: Fix the initialization of taprio
    0354b8f6fd65c net: phy: mxl-gpy: fix link properties on USXGMII and internal PHYs
    b27a1f2518966 net: aquantia: Add missing descriptor cache invalidation on ATL2
    c2ee6d3899677 platform/x86: intel: punit_ipc: fix memory corruption
    ac6029bc010bd net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY
    3074e7a366eae drm/bridge: sii902x: Fix HDMI detection with DRM_BRIDGE_ATTACH_NO_CONNECTOR
    d0bd018ad72a8 veth: reduce XDP no_direct return section to fix race
    a6a31efa7213e Bluetooth: SMP: Fix not generating mackey and ltk when repairing
    ec74cdf77310c Bluetooth: hci_core: lookup hci_conn on RX path on protocol side
    69fcb0344bc0d Bluetooth: hci_sock: Prevent race in socket write iter and sock bind
    b30cd4d99d4cb Bluetooth: hci_core: Fix triggering cmd_timer for HCI_OP_NOP
    faae9f2ea8806 Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface
    fb0c7c77a7ae3 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data
    f31693dc3a584 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header
    9c8eb33b70081 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs
    bd8135a560cf6 can: kvaser_usb: leaf: Fix potential infinite loop in command parsers

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/linux-yocto-rt_6.17.bb              |  6 ++---
 .../linux/linux-yocto-tiny_6.17.bb            |  6 ++---
 meta/recipes-kernel/linux/linux-yocto_6.17.bb | 24 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb
index b145a73d15..960b9c29ba 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb
@@ -14,13 +14,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "4c77bf8e2eddb19ae0a6e8ba7f1bbc28477c1c86"
-SRCREV_meta ?= "064a61babfe08bd4240e22c956735f2c9cb200ef"
+SRCREV_machine ?= "d79ffb7a9e37174f6d1704bfc632f87f29358e98"
+SRCREV_meta ?= "514f487f912a5a1a34fd874487ef23b7b08497ed"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.17;destsuffix=${KMETA};protocol=https"
 
-LINUX_VERSION ?= "6.17.10"
+LINUX_VERSION ?= "6.17.11"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb
index 54457a4c3d..790fd4a95a 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # CVE exclusions
 include recipes-kernel/linux/cve-exclusion_6.17.inc
 
-LINUX_VERSION ?= "6.17.10"
+LINUX_VERSION ?= "6.17.11"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "43f56832407b25c045689964d109da7231474c1f"
-SRCREV_meta ?= "064a61babfe08bd4240e22c956735f2c9cb200ef"
+SRCREV_machine ?= "b49bfa0f53123c942faa17ac437d343ca144a38d"
+SRCREV_meta ?= "514f487f912a5a1a34fd874487ef23b7b08497ed"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.17.bb b/meta/recipes-kernel/linux/linux-yocto_6.17.bb
index 32a64f6383..439aba2e8c 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.17.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.17.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.17/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.17/standard/base"
 KBRANCH:qemumips64 ?= "v6.17/standard/mti-malta"
 
-SRCREV_machine:qemuarm ?= "610683567d4459e872d095cbfdfb71487b398f99"
-SRCREV_machine:qemuarm64 ?= "a26a71902db3c80604d817a8e7a7b5c289a54fb7"
-SRCREV_machine:qemuloongarch64 ?= "a26a71902db3c80604d817a8e7a7b5c289a54fb7"
+SRCREV_machine:qemuarm ?= "d5e840d399d082b5b82ad9464cd4705b3e8fd6c7"
+SRCREV_machine:qemuarm64 ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
+SRCREV_machine:qemuloongarch64 ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
 SRCREV_machine:qemumips ?= "62ea92a539f58803a222be98b81118403074206e"
-SRCREV_machine:qemuppc ?= "a26a71902db3c80604d817a8e7a7b5c289a54fb7"
-SRCREV_machine:qemuriscv64 ?= "a26a71902db3c80604d817a8e7a7b5c289a54fb7"
-SRCREV_machine:qemuriscv32 ?= "a26a71902db3c80604d817a8e7a7b5c289a54fb7"
-SRCREV_machine:qemux86 ?= "a26a71902db3c80604d817a8e7a7b5c289a54fb7"
-SRCREV_machine:qemux86-64 ?= "a26a71902db3c80604d817a8e7a7b5c289a54fb7"
+SRCREV_machine:qemuppc ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
+SRCREV_machine:qemuriscv64 ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
+SRCREV_machine:qemuriscv32 ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
+SRCREV_machine:qemux86 ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
+SRCREV_machine:qemux86-64 ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
 SRCREV_machine:qemumips64 ?= "9fb4ff0187c85426f21fd40d4c61b742800f65c4"
-SRCREV_machine ?= "a26a71902db3c80604d817a8e7a7b5c289a54fb7"
-SRCREV_meta ?= "064a61babfe08bd4240e22c956735f2c9cb200ef"
+SRCREV_machine ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
+SRCREV_meta ?= "514f487f912a5a1a34fd874487ef23b7b08497ed"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "ae593cd8579f0207305263afd7adee01ffab7fb7"
+SRCREV_machine:class-devupstream ?= "5439375ca6987ed27eba246a3b9e036357fd6ba2"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v6.17/base"
 
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.17;destsuffix=${KMETA};protocol=https"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.17.10"
+LINUX_VERSION ?= "6.17.11"
 
 PV = "${LINUX_VERSION}+git"
 
-- 
2.39.2

[08/15][openembedded-core] linux-yocto/6.17: update CVE exclusions (6.17.11)

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 15 changes (3 new | 12 updated): - 3 new CVEs: CVE-2025-13642, CVE-2025-61074, CVE-2025-61075 - 12 updated CVEs: CVE-2024-38798, CVE-2025-14328, CVE-2025-14329, CVE-2025-14345, CVE-2025-40940, CVE-2025-40941, CVE-2025-63074, CVE-2025-63075, CVE-2025-63076, CVE-2025-63077, CVE-2025-66627, CVE-2025-66631
        Date: Tue, 9 Dec 2025 15:24:29 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.17.inc              | 632 +++++++++++++++++-
 1 file changed, 627 insertions(+), 5 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.17.inc b/meta/recipes-kernel/linux/cve-exclusion_6.17.inc
index 0dfce88303..0f9e499d90 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.17.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.17.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-12-01 16:25:15.356251+00:00 for kernel version 6.17.10
-# From linux_kernel_cves cve_2025-12-01_1600Z-1-g77d6c1b8483
+# Generated at 2025-12-09 15:30:33.713956+00:00 for kernel version 6.17.11
+# From linux_kernel_cves cve_2025-12-09_1500Z-1-g085e057e2ea
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.17.10"
+    this_version = "6.17.11"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4028,8 +4028,6 @@ CVE_STATUS[CVE-2022-49907] = "fixed-version: Fixed from version 6.1"
 
 CVE_STATUS[CVE-2022-49908] = "fixed-version: Fixed from version 6.1"
 
-CVE_STATUS[CVE-2022-49909] = "fixed-version: Fixed from version 6.1"
-
 CVE_STATUS[CVE-2022-49910] = "fixed-version: Fixed from version 6.1"
 
 CVE_STATUS[CVE-2022-49911] = "fixed-version: Fixed from version 6.1"
@@ -5328,6 +5326,140 @@ CVE_STATUS[CVE-2022-50581] = "fixed-version: Fixed from version 6.2"
 
 CVE_STATUS[CVE-2022-50582] = "fixed-version: Fixed from version 6.1"
 
+CVE_STATUS[CVE-2022-50583] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50614] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50615] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50616] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50617] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50618] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50619] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50620] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50621] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50622] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50623] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50624] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50625] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50626] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50627] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2022-50628] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2022-50629] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2022-50630] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50631] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50632] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50633] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50634] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50635] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50636] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50637] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50638] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50639] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50640] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50641] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50642] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50643] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50644] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50645] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50646] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50647] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50648] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50649] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50650] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50651] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50652] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50653] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50654] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50655] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50656] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50657] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50658] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50659] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50660] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2022-50661] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50662] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50663] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50664] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50665] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50666] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50667] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50668] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50669] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50670] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50671] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50672] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50673] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50674] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50675] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50676] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50677] = "fixed-version: Fixed from version 6.2"
+
+CVE_STATUS[CVE-2022-50678] = "fixed-version: Fixed from version 6.1"
+
+CVE_STATUS[CVE-2022-50679] = "fixed-version: Fixed from version 6.1"
+
 CVE_STATUS[CVE-2023-32246] = "fixed-version: Fixed from version 6.4"
 
 CVE_STATUS[CVE-2023-32249] = "fixed-version: Fixed from version 6.4"
@@ -7674,6 +7806,238 @@ CVE_STATUS[CVE-2023-53732] = "fixed-version: Fixed from version 6.4"
 
 CVE_STATUS[CVE-2023-53733] = "fixed-version: Fixed from version 6.5"
 
+CVE_STATUS[CVE-2023-53742] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53743] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53744] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53745] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53746] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53747] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53748] = "fixed-version: Fixed from version 6.4"
+
+# CVE-2023-53749 has no known resolution
+
+CVE_STATUS[CVE-2023-53750] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53751] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53752] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53753] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53754] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53755] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53756] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53757] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53758] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53759] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53760] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53761] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53762] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53763] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53764] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53765] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53766] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53767] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53768] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53769] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53777] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53778] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53779] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53780] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53781] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53782] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53783] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53784] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53785] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53786] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53787] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53788] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53789] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53790] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53791] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53792] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53793] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53794] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53795] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53796] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53797] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53798] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53799] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53800] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53801] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53802] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53803] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53804] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53806] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53807] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53808] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53809] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53810] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53811] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53812] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53813] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53814] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53815] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53816] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53817] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53818] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53819] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53820] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53821] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53822] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53823] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53824] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53825] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53826] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53827] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53828] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53829] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53830] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53831] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53832] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53833] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53834] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53836] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53837] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53838] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53839] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53840] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53841] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53842] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53843] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53844] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53845] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53846] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53847] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53848] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53849] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53850] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53851] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53852] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53853] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53854] = "fixed-version: Fixed from version 6.4"
+
+CVE_STATUS[CVE-2023-53855] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53856] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53857] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53858] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53859] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53860] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53861] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53862] = "fixed-version: Fixed from version 6.3"
+
+CVE_STATUS[CVE-2023-53863] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53864] = "fixed-version: Fixed from version 6.6"
+
+CVE_STATUS[CVE-2023-53865] = "fixed-version: Fixed from version 6.5"
+
+CVE_STATUS[CVE-2023-53866] = "fixed-version: Fixed from version 6.3"
+
 CVE_STATUS[CVE-2023-7324] = "fixed-version: Fixed from version 6.3"
 
 CVE_STATUS[CVE-2024-26581] = "fixed-version: Fixed from version 6.8"
@@ -17900,9 +18264,267 @@ CVE_STATUS[CVE-2025-40212] = "cpe-stable-backport: Backported in 6.17.9"
 
 CVE_STATUS[CVE-2025-40213] = "cpe-stable-backport: Backported in 6.17.8"
 
+CVE_STATUS[CVE-2025-40214] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40215] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-40216] = "fixed-version: Fixed from version 6.16"
+
+CVE_STATUS[CVE-2025-40217] = "cpe-stable-backport: Backported in 6.17.4"
+
+CVE_STATUS[CVE-2025-40218] = "cpe-stable-backport: Backported in 6.17.4"
+
+CVE_STATUS[CVE-2025-40219] = "cpe-stable-backport: Backported in 6.17.4"
+
+CVE_STATUS[CVE-2025-40220] = "cpe-stable-backport: Backported in 6.17.4"
+
+CVE_STATUS[CVE-2025-40221] = "cpe-stable-backport: Backported in 6.17.4"
+
+CVE_STATUS[CVE-2025-40222] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40223] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40224] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40225] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40226] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40227] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40228] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40229] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40230] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40231] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40232] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40233] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40234] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40235] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40236] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40237] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40238] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40239] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40240] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40241] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40242] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40243] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40244] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40245] = "cpe-stable-backport: Backported in 6.17.6"
+
+CVE_STATUS[CVE-2025-40246] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40247] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40248] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40249] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40250] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40251] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40252] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40253] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40254] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40255] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40256] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40257] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40258] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40259] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40260] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40261] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40262] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40263] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40264] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40265] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40266] = "cpe-stable-backport: Backported in 6.17.10"
+
+CVE_STATUS[CVE-2025-40267] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40268] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40269] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40270] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40271] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40272] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40273] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40274] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40275] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40276] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40277] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40278] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40279] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40280] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40281] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40282] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40283] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40284] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40285] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40286] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40287] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40288] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40289] = "cpe-stable-backport: Backported in 6.17.9"
+
+CVE_STATUS[CVE-2025-40290] = "cpe-stable-backport: Backported in 6.17.11"
+
+CVE_STATUS[CVE-2025-40291] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40292] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40293] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40294] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40295] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40296] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40297] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40298] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40299] = "cpe-stable-backport: Backported in 6.17.8"
+
 CVE_STATUS[CVE-2025-40300] = "fixed-version: Fixed from version 6.17"
 
+CVE_STATUS[CVE-2025-40301] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40302] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40303] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40304] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40305] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40306] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40307] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40308] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40309] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40310] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40311] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40312] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40313] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40314] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40315] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40316] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40317] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40318] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40319] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40320] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40321] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40322] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40323] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40324] = "cpe-stable-backport: Backported in 6.17.8"
+
 CVE_STATUS[CVE-2025-40325] = "fixed-version: Fixed from version 6.15"
 
+CVE_STATUS[CVE-2025-40326] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40327] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40328] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40329] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40330] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40331] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40332] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40333] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40334] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40335] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40336] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40337] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40338] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40339] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40340] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40341] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40342] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40343] = "cpe-stable-backport: Backported in 6.17.8"
+
+CVE_STATUS[CVE-2025-40344] = "cpe-stable-backport: Backported in 6.17.8"
+
 CVE_STATUS[CVE-2025-40364] = "fixed-version: Fixed from version 6.14"
 
-- 
2.39.2

[09/15][openembedded-core] linux-yocto/6.17: rust kernel configs

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to linux-yocto/.:

1/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: features/kernel-rust: Add feature to enable Rust kernel support
    Date: Thu, 11 Dec 2025 04:42:31 -0800

    Add a new kernel feature that enables Rust support in the kernel. This
    introduces kernel-rust.cfg to set Rust-related Kconfig options and
    kernel-rust.scc to define the feature metadata.

    The feature enables:
      - CONFIG_RUST
      - CONFIG_RUST_OVERFLOW_CHECKS
      - CONFIG_RUST_BUILD_ASSERT_ALLOW

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

2/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: kernel-sample: Add Rust sample configuration files
    Date: Thu, 11 Dec 2025 04:42:32 -0800

    Extend the existing kernel-sample feature by adding support for the Rust
    sample modules provided by the kernel. This adds a new kernel-rust-sample.cfg
    and corresponding .scc entry alongside the existing kernel-samples.cfg.

    The new configuration enables:
      - CONFIG_SAMPLES_RUST
      - CONFIG_SAMPLE_RUST_MINIMAL
      - CONFIG_SAMPLE_RUST_PRINT
      - CONFIG_SAMPLE_RUST_HOSTPROGS

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

3/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: debug: Add kernel Rust debug feature
    Date: Thu, 11 Dec 2025 04:42:33 -0800

    Add a new debug feature to enable Rust-related kernel debugging support.
    This introduces debug-kernel-rust.scc along with its associated Kconfig
    file debug-kernel-rust.cfg.

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_6.17.bb      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb
index 960b9c29ba..99d757b3c6 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.17.bb
@@ -15,7 +15,7 @@ python () {
 }
 
 SRCREV_machine ?= "d79ffb7a9e37174f6d1704bfc632f87f29358e98"
-SRCREV_meta ?= "514f487f912a5a1a34fd874487ef23b7b08497ed"
+SRCREV_meta ?= "d84c38d95b4e042c0df0f6cdd14ee36909f86ea3"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.17;destsuffix=${KMETA};protocol=https"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb
index 790fd4a95a..00da6d8a13 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.17.bb
@@ -18,7 +18,7 @@ KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine ?= "b49bfa0f53123c942faa17ac437d343ca144a38d"
-SRCREV_meta ?= "514f487f912a5a1a34fd874487ef23b7b08497ed"
+SRCREV_meta ?= "d84c38d95b4e042c0df0f6cdd14ee36909f86ea3"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.17.bb b/meta/recipes-kernel/linux/linux-yocto_6.17.bb
index 439aba2e8c..17919bbd3c 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.17.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.17.bb
@@ -29,7 +29,7 @@ SRCREV_machine:qemux86 ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
 SRCREV_machine:qemux86-64 ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
 SRCREV_machine:qemumips64 ?= "9fb4ff0187c85426f21fd40d4c61b742800f65c4"
 SRCREV_machine ?= "69e150f88757e3d8bbdb3eee9207aa5f627ed70a"
-SRCREV_meta ?= "514f487f912a5a1a34fd874487ef23b7b08497ed"
+SRCREV_meta ?= "d84c38d95b4e042c0df0f6cdd14ee36909f86ea3"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
-- 
2.39.2

[12/15][openembedded-core] linux-libc-headers: update to 6.18

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Bumping libc-headers to match the LTS reference kernel 6.18

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../{linux-libc-headers_6.17.bb => linux-libc-headers_6.18.bb} | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
 rename meta/recipes-kernel/linux-libc-headers/{linux-libc-headers_6.17.bb => linux-libc-headers_6.18.bb} (80%)

diff --git a/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.17.bb b/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.18.bb
similarity index 80%
rename from meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.17.bb
rename to meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.18.bb
index b4bf1126ab..6a1ec33dc5 100644
--- a/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.17.bb
+++ b/meta/recipes-kernel/linux-libc-headers/linux-libc-headers_6.18.bb
@@ -8,5 +8,6 @@ SRC_URI:append:libc-musl = "\
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
-SRC_URI[sha256sum] = "9b607166a1c999d8326098121222feb080a20a3253975fcdfa2de96ba7f757a7"
+SRC_URI[sha256sum] = "9106a4605da9e31ff17659d958782b815f9591ab308d03b0ee21aad6c7dced4b"
+
 
-- 
2.39.2

[13/15][openembedded-core] linux-yocto/6.18: rust kernel configs

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to linux-yocto/.:

1/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: features/kernel-rust: Add feature to enable Rust kernel support
    Date: Thu, 11 Dec 2025 04:42:31 -0800

    Add a new kernel feature that enables Rust support in the kernel. This
    introduces kernel-rust.cfg to set Rust-related Kconfig options and
    kernel-rust.scc to define the feature metadata.

    The feature enables:
      - CONFIG_RUST
      - CONFIG_RUST_OVERFLOW_CHECKS
      - CONFIG_RUST_BUILD_ASSERT_ALLOW

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

2/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: kernel-sample: Add Rust sample configuration files
    Date: Thu, 11 Dec 2025 04:42:32 -0800

    Extend the existing kernel-sample feature by adding support for the Rust
    sample modules provided by the kernel. This adds a new kernel-rust-sample.cfg
    and corresponding .scc entry alongside the existing kernel-samples.cfg.

    The new configuration enables:
      - CONFIG_SAMPLES_RUST
      - CONFIG_SAMPLE_RUST_MINIMAL
      - CONFIG_SAMPLE_RUST_PRINT
      - CONFIG_SAMPLE_RUST_HOSTPROGS

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

3/3 [
    Author: Harish Sadineni
    Email: Harish.Sadineni@windriver.com
    Subject: debug: Add kernel Rust debug feature
    Date: Thu, 11 Dec 2025 04:42:33 -0800

    Add a new debug feature to enable Rust-related kernel debugging support.
    This introduces debug-kernel-rust.scc along with its associated Kconfig
    file debug-kernel-rust.cfg.

    Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
    Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_6.18.bb      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb
index d7d6bf9864..8121baf143 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb
@@ -15,7 +15,7 @@ python () {
 }
 
 SRCREV_machine ?= "e42d20aa0fa5148ff2db5606563b96d1f216c4d2"
-SRCREV_meta ?= "88a21543c51263713794e3ebb9faa5dd1d92af19"
+SRCREV_meta ?= "f224983ee724c8eb616ae63eb3dc2aac9752c07b"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.18;destsuffix=${KMETA};protocol=https"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb
index 4ad42ed3e9..a21a74f7b1 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb
@@ -18,7 +18,7 @@ KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_meta ?= "88a21543c51263713794e3ebb9faa5dd1d92af19"
+SRCREV_meta ?= "f224983ee724c8eb616ae63eb3dc2aac9752c07b"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.18.bb b/meta/recipes-kernel/linux/linux-yocto_6.18.bb
index 7090eb6f20..114556bcec 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.18.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.18.bb
@@ -29,7 +29,7 @@ SRCREV_machine:qemux86 ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
 SRCREV_machine:qemux86-64 ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
 SRCREV_machine:qemumips64 ?= "9fb4ff0187c85426f21fd40d4c61b742800f65c4"
 SRCREV_machine ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_meta ?= "88a21543c51263713794e3ebb9faa5dd1d92af19"
+SRCREV_meta ?= "f224983ee724c8eb616ae63eb3dc2aac9752c07b"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
-- 
2.39.2

[14/15][openembedded-core] linux-yocto/6.18: update to v6.18.1

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:

    25442251cbda7 Linux 6.18.1
    bf323db1d883c staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
    e841d8ea72231 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
    c0d93d69e1472 staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
    aac80e912de30 comedi: check device's attached status in compat ioctls
    543f4c380c2e1 comedi: multiq3: sanitize config options in multiq3_attach()
    888f7e2847bcb comedi: c6xdigio: Fix invalid PNP driver unregistration
    4e6a409774951 iio: adc: ad4080: fix chip identification
    401b10a72f5a6 wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1
    f75b9d2c9f5b5 wifi: rtl8xxxu: Add USB ID 2001:3328 for D-Link AN3U rev. A1
    ce1d0f5c7b428 Documentation/rtla: rename common_xxx.rst files to common_xxx.txt
    e7edecc410886 USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC
    1888f286b7afe USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC
    a1210a4023aae serial: sh-sci: Fix deadlock during RSCI FIFO overrun error
    a136ffb888bbb dt-bindings: serial: rsci: Drop "uart-has-rtscts: false"
    48e5794baf58c serial: add support of CPCI cards
    64934857c8847 USB: serial: ftdi_sio: match on interface number for jtag
    a0538d99153f3 USB: serial: option: move Telit 0x10c7 composition in the right place
    1425cc83a839a USB: serial: option: add Telit Cinterion FE910C04 new compositions
    99115ab00c1fc USB: serial: option: add Foxconn T99W760
    53903ac9ca1ab KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced
    877adccfacb32 comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()
    3428831264096 rust_binder: fix race condition on death_list
    5cad18e527ba8 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()
    e983feaa79de1 crypto: zstd - fix double-free in per-CPU stream cleanup
    396a9270a7b90 locking/spinlock/debug: Fix data-race in do_raw_write_lock
    8229c6ca50cea ksmbd: ipc: fix use-after-free in ipc_msg_send_request
    58df743faf21c ext4: refresh inline data size before write operations
    aa1703f3f706e jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted
    a68b06bdc1720 Documentation: process: Also mention Sasha Levin as stable tree maintainer

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/linux-yocto-rt_6.18.bb              |  6 ++---
 .../linux/linux-yocto-tiny_6.18.bb            |  6 ++---
 meta/recipes-kernel/linux/linux-yocto_6.18.bb | 24 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb
index 8121baf143..32ed29f25e 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.18.bb
@@ -14,13 +14,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "e42d20aa0fa5148ff2db5606563b96d1f216c4d2"
-SRCREV_meta ?= "f224983ee724c8eb616ae63eb3dc2aac9752c07b"
+SRCREV_machine ?= "be7ae5a34401b4f6dcb48ff7ae47e67394dba79c"
+SRCREV_meta ?= "20f3b59dfee2c9766656309ece38c588854d5fc7"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.18;destsuffix=${KMETA};protocol=https"
 
-LINUX_VERSION ?= "6.18"
+LINUX_VERSION ?= "6.18.1"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb
index a21a74f7b1..2afdc02467 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.18.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # CVE exclusions
 include recipes-kernel/linux/cve-exclusion_6.18.inc
 
-LINUX_VERSION ?= "6.18"
+LINUX_VERSION ?= "6.18.1"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_meta ?= "f224983ee724c8eb616ae63eb3dc2aac9752c07b"
+SRCREV_machine ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
+SRCREV_meta ?= "20f3b59dfee2c9766656309ece38c588854d5fc7"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.18.bb b/meta/recipes-kernel/linux/linux-yocto_6.18.bb
index 114556bcec..562a997020 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.18.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.18.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.18/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.18/standard/base"
 KBRANCH:qemumips64 ?= "v6.18/standard/mti-malta"
 
-SRCREV_machine:qemuarm ?= "c06c93977f3b4eb10dbb9d8115f5181076d6d20c"
-SRCREV_machine:qemuarm64 ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_machine:qemuloongarch64 ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
+SRCREV_machine:qemuarm ?= "2ccfe72c732cedba580d6f485b0b4147ebe1a483"
+SRCREV_machine:qemuarm64 ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
+SRCREV_machine:qemuloongarch64 ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
 SRCREV_machine:qemumips ?= "62ea92a539f58803a222be98b81118403074206e"
-SRCREV_machine:qemuppc ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_machine:qemuriscv64 ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_machine:qemuriscv32 ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_machine:qemux86 ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_machine:qemux86-64 ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
+SRCREV_machine:qemuppc ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
+SRCREV_machine:qemuriscv64 ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
+SRCREV_machine:qemuriscv32 ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
+SRCREV_machine:qemux86 ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
+SRCREV_machine:qemux86-64 ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
 SRCREV_machine:qemumips64 ?= "9fb4ff0187c85426f21fd40d4c61b742800f65c4"
-SRCREV_machine ?= "8903f880c38c2a9b1db181b26bcd52a3d9a8a4d2"
-SRCREV_meta ?= "f224983ee724c8eb616ae63eb3dc2aac9752c07b"
+SRCREV_machine ?= "189fc21c2a600eba9cacde0cd3fd1532681be785"
+SRCREV_meta ?= "20f3b59dfee2c9766656309ece38c588854d5fc7"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "7d0a66e4bb9081d75c82ec4957c50034cb0ea449"
+SRCREV_machine:class-devupstream ?= "25442251cbda7590d87d8203a8dc1ddf2c93de61"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v6.18/base"
 
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.18;destsuffix=${KMETA};protocol=https"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.18"
+LINUX_VERSION ?= "6.18.1"
 
 PV = "${LINUX_VERSION}+git"
 
-- 
2.39.2

[15/15][openembedded-core] linux-yocto/6.18: update CVE exclusions (6.18.1)

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 13 changes (3 new | 10 updated): - 3 new CVEs: CVE-2025-65742, CVE-2025-66434, CVE-2025-66435 - 10 updated CVEs: CVE-2024-1394, CVE-2024-44598, CVE-2024-44599, CVE-2025-13823, CVE-2025-13824, CVE-2025-14589, CVE-2025-34411, CVE-2025-34412, CVE-2025-55184, CVE-2025-60786
        Date: Mon, 15 Dec 2025 16:49:37 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.18.inc              | 669 +++++++++---------
 1 file changed, 336 insertions(+), 333 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
index d5d6d88243..6545ed4d2c 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-12-09 15:30:33.713956+00:00 for kernel version 6.18
-# From linux_kernel_cves cve_2025-12-09_1500Z-1-g085e057e2ea
+# Generated at 2025-12-15 16:54:43.920979+00:00 for kernel version 6.18.1
+# From linux_kernel_cves cve_2025-12-15_1600Z-3-ge310f2e801a
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.18"
+    this_version = "6.18.1"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -17822,33 +17822,33 @@ CVE_STATUS[CVE-2025-39989] = "fixed-version: Fixed from version 6.15"
 
 CVE_STATUS[CVE-2025-39990] = "fixed-version: Fixed from version 6.17"
 
-CVE_STATUS[CVE-2025-39991] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39991] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-39992] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39992] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-39993] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39993] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-39994] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39994] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-39995] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39995] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-39996] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39996] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-39997] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39997] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-39998] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39998] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-39999] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-39999] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40000] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-40000] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40001] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40001] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40002] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40002] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40003] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40003] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40004] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40004] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40005] = "fixed-version: Fixed from version 6.17"
 
@@ -17866,19 +17866,19 @@ CVE_STATUS[CVE-2025-40011] = "fixed-version: Fixed from version 6.17"
 
 CVE_STATUS[CVE-2025-40012] = "fixed-version: Fixed from version 6.17"
 
-CVE_STATUS[CVE-2025-40013] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-40013] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40014] = "fixed-version: Fixed from version 6.15"
 
-CVE_STATUS[CVE-2025-40015] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-40015] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40016] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-40016] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40017] = "cpe-stable-backport: Backported in 6.17.1"
+CVE_STATUS[CVE-2025-40017] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40018] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40018] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40019] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40019] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40020] = "fixed-version: Fixed from version 6.17"
 
@@ -17890,640 +17890,643 @@ CVE_STATUS[CVE-2025-40023] = "fixed-version: Fixed from version 6.17"
 
 CVE_STATUS[CVE-2025-40024] = "fixed-version: Fixed from version 6.17"
 
-CVE_STATUS[CVE-2025-40025] = "cpe-stable-backport: Backported in 6.17.2"
+CVE_STATUS[CVE-2025-40025] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40026] = "cpe-stable-backport: Backported in 6.17.2"
+CVE_STATUS[CVE-2025-40026] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40027] = "cpe-stable-backport: Backported in 6.17.2"
+CVE_STATUS[CVE-2025-40027] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40028] = "cpe-stable-backport: Backported in 6.17.2"
+CVE_STATUS[CVE-2025-40028] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40029] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40029] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40030] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40030] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40031] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40031] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40032] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40032] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40033] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40033] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40034] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40034] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40035] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40035] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40036] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40036] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40037] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40037] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40038] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40038] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40039] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40039] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40040] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40040] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40041] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40041] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40042] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40042] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40043] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40043] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40044] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40044] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40045] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40045] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40046] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40046] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40047] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40047] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40048] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40048] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40049] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40049] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40050] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40050] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40051] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40051] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40052] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40052] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40053] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40053] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40054] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40054] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40055] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40055] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40056] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40056] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40057] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40057] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40058] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40058] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40059] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40059] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40060] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40060] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40061] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40061] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40062] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40062] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40063] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40063] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40064] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40064] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40065] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40065] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40066] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40066] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40067] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40067] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40068] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40068] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40069] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40069] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40070] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40070] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40071] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40071] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40072] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40072] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40073] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40073] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40074] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40074] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40075] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40075] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40076] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40076] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40077] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40077] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40078] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40078] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40079] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40079] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40080] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40080] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40081] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40081] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40082] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40082] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40083] = "fixed-version: Fixed from version 6.16"
 
-CVE_STATUS[CVE-2025-40084] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40084] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40085] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40085] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40086] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40086] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40087] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40087] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40088] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40088] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40089] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40089] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40090] = "fixed-version: Fixed from version 6.17.5"
 
-CVE_STATUS[CVE-2025-40091] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40091] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40092] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40092] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40093] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40093] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40094] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40094] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40095] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40095] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40096] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40096] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40097] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40097] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40098] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40098] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40099] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40099] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40100] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40100] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40101] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40101] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40102] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40102] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40103] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40103] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40104] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40104] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40105] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40105] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40106] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40106] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40107] = "fixed-version: Fixed from version 6.17"
 
-CVE_STATUS[CVE-2025-40108] = "cpe-stable-backport: Backported in 6.17.2"
+CVE_STATUS[CVE-2025-40108] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40109] = "cpe-stable-backport: Backported in 6.17.2"
+CVE_STATUS[CVE-2025-40109] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40110] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40110] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40111] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40111] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40112] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40112] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40113] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40113] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40114] = "fixed-version: Fixed from version 6.15"
 
-CVE_STATUS[CVE-2025-40115] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40115] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40116] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40116] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40117] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40117] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40118] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40118] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40119] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40119] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40120] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40120] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40121] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40121] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40122] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40122] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40123] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40123] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40124] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40124] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40125] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40125] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40126] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40126] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40127] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40127] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40129] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40129] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40130] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40130] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40131] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40131] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40132] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40132] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40133] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40133] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40134] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40134] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40135] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40135] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40136] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40136] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40137] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40137] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40138] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40138] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40139] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40139] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40140] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40140] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40141] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40141] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40142] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40142] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40143] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40143] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40145] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40145] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40146] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40146] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40147] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40147] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40148] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40148] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40149] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40149] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40150] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40150] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40151] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40151] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40152] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40152] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40153] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40153] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40154] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40154] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40155] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40155] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40156] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40156] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40157] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40157] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40158] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40158] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40159] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40159] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40160] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40160] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40161] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40161] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40162] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40162] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40163] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40163] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40164] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40164] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40165] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40165] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40166] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40166] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40167] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40167] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40168] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40168] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40169] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40169] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40170] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40170] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40171] = "cpe-stable-backport: Backported in 6.17.3"
+CVE_STATUS[CVE-2025-40171] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40172] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40172] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40173] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40173] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40174] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40174] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40175] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40175] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40176] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40176] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40177] = "cpe-stable-backport: Backported in 6.17.5"
+CVE_STATUS[CVE-2025-40177] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40178] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40178] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40179] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40179] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40180] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40180] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40181] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40181] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40182] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40182] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40183] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40183] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40184] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40184] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40185] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40185] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40186] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40186] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40187] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40187] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40188] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40188] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40189] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40189] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40190] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40190] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40191] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40191] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40192] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40192] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40193] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40193] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40194] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40194] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40195] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40195] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40196] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40196] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40197] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40197] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40198] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40198] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40199] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40199] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40200] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40200] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40201] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40201] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40202] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40202] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40203] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40203] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40204] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40204] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40205] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40205] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40206] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40206] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40207] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40207] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40208] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40208] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40209] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40209] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40210] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40210] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40211] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40211] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40212] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40212] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40213] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40213] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40214] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40214] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40215] = "fixed-version: Fixed from version 6.16"
 
 CVE_STATUS[CVE-2025-40216] = "fixed-version: Fixed from version 6.16"
 
-CVE_STATUS[CVE-2025-40217] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40217] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40218] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40218] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40219] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40219] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40220] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40220] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40221] = "cpe-stable-backport: Backported in 6.17.4"
+CVE_STATUS[CVE-2025-40221] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40222] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40222] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40223] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40223] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40224] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40224] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40225] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40225] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40226] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40226] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40227] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40227] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40228] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40228] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40229] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40229] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40230] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40230] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40231] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40231] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40232] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40232] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40233] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40233] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40234] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40234] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40235] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40235] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40236] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40236] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40237] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40237] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40238] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40238] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40239] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40239] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40240] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40240] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40241] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40241] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40242] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40242] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40243] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40243] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40244] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40244] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40245] = "cpe-stable-backport: Backported in 6.17.6"
+CVE_STATUS[CVE-2025-40245] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40246] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40246] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40247] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40247] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40248] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40248] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40249] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40249] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40250] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40250] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40251] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40251] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40252] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40252] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40253] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40253] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40254] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40254] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40255] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40255] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40256] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40256] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40257] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40257] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40258] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40258] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40259] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40259] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40260] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40260] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40261] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40261] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40262] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40262] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40263] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40263] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40264] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40264] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40265] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40265] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40266] = "cpe-stable-backport: Backported in 6.17.10"
+CVE_STATUS[CVE-2025-40266] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40267] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40267] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40268] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40268] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40269] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40269] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40270] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40270] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40271] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40271] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40272] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40272] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40273] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40273] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40274] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40274] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40275] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40275] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40276] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40276] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40277] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40277] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40278] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40278] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40279] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40279] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40280] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40280] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40281] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40281] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40282] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40282] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40283] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40283] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40284] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40284] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40285] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40285] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40286] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40286] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40287] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40287] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40288] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40288] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40289] = "cpe-stable-backport: Backported in 6.17.9"
+CVE_STATUS[CVE-2025-40289] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40290] = "cpe-stable-backport: Backported in 6.17.11"
+CVE_STATUS[CVE-2025-40290] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40291] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40291] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40292] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40292] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40293] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40293] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40294] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40294] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40295] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40295] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40296] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40296] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40297] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40297] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40298] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40298] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40299] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40299] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40300] = "fixed-version: Fixed from version 6.17"
 
-CVE_STATUS[CVE-2025-40301] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40301] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40302] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40302] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40303] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40303] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40304] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40304] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40305] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40305] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40306] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40306] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40307] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40307] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40308] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40308] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40309] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40309] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40310] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40310] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40311] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40311] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40312] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40312] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40313] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40313] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40314] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40314] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40315] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40315] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40316] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40316] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40317] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40317] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40318] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40318] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40319] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40319] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40320] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40320] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40321] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40321] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40322] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40322] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40323] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40323] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40324] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40324] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40325] = "fixed-version: Fixed from version 6.15"
 
-CVE_STATUS[CVE-2025-40326] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40326] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40327] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40327] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40328] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40328] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40329] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40329] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40330] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40330] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40331] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40331] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40332] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40332] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40333] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40333] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40334] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40334] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40335] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40335] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40336] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40336] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40337] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40337] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40338] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40338] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40339] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40339] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40340] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40340] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40341] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40341] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40342] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40342] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40343] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40343] = "fixed-version: Fixed from version 6.18"
 
-CVE_STATUS[CVE-2025-40344] = "cpe-stable-backport: Backported in 6.17.8"
+CVE_STATUS[CVE-2025-40344] = "fixed-version: Fixed from version 6.18"
+
+CVE_STATUS[CVE-2025-40345] = "fixed-version: Fixed from version 6.18"
 
 CVE_STATUS[CVE-2025-40364] = "fixed-version: Fixed from version 6.14"
+
-- 
2.39.2

[01/06][meta-yocto] yocto-bsp: introduce 6.18 h/w reference

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../recipes-kernel/linux/linux-yocto_6.18.bbappend    | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.18.bbappend

diff --git a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.18.bbappend b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.18.bbappend
new file mode 100644
index 0000000..68e7b00
--- /dev/null
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.18.bbappend
@@ -0,0 +1,11 @@
+COMPATIBLE_MACHINE:genericarm64 = "genericarm64"
+COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto"
+COMPATIBLE_MACHINE:genericx86 = "genericx86"
+COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64"
+
+KMACHINE:beaglebone-yocto ?= "beaglebone"
+KMACHINE:genericx86 ?= "common-pc"
+KMACHINE:genericx86-64 ?= "common-pc-64"
+
+KBRANCH:genericarm64 ?= "v6.18/standard/genericarm64"
+SRCREV_machine:genericarm64 ?= "2a6b42e5c86e010e52dc2908775a92048987d65c"
-- 
2.39.2

[02/06][meta-yocto] yocto-bsp/6.17: drop bbappend

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

The 6.17 kernel is being removed from OE core, so we no longer
need this bbappend.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../recipes-kernel/linux/linux-yocto_6.17.bbappend    | 11 -----------
 1 file changed, 11 deletions(-)
 delete mode 100644 meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.17.bbappend

diff --git a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.17.bbappend b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.17.bbappend
deleted file mode 100644
index 603a967..0000000
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.17.bbappend
+++ /dev/null
@@ -1,11 +0,0 @@
-COMPATIBLE_MACHINE:genericarm64 = "genericarm64"
-COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto"
-COMPATIBLE_MACHINE:genericx86 = "genericx86"
-COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64"
-
-KMACHINE:beaglebone-yocto ?= "beaglebone"
-KMACHINE:genericx86 ?= "common-pc"
-KMACHINE:genericx86-64 ?= "common-pc-64"
-
-KBRANCH:genericarm64 ?= "v6.17/standard/genericarm64"
-SRCREV_machine:genericarm64 ?= "459fdea93914f4db040bd8ebf8bce134a4cd6388"
-- 
2.39.2

[03/06][meta-yocto] poky-tiny: make 6.18 preferred kernel version

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

6.18-LTS is the reference kernel for upcoming releases, so bumping
-tiny to match.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta-poky/conf/distro/poky-tiny.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-poky/conf/distro/poky-tiny.conf b/meta-poky/conf/distro/poky-tiny.conf
index 84baef3..43c9bae 100644
--- a/meta-poky/conf/distro/poky-tiny.conf
+++ b/meta-poky/conf/distro/poky-tiny.conf
@@ -41,7 +41,7 @@ FULL_OPTIMIZATION = "-Os"
 # Distro config is evaluated after the machine config, so we have to explicitly
 # set the kernel provider to override a machine config.
 PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-tiny"
-PREFERRED_VERSION_linux-yocto-tiny ?= "6.16%"
+PREFERRED_VERSION_linux-yocto-tiny ?= "6.18%"
 
 # We can use packagegroup-core-boot, but in the future we may need a new packagegroup-core-tiny
 #POKY_DEFAULT_EXTRA_RDEPENDS += "packagegroup-core-boot"
-- 
2.39.2

[04/06][meta-yocto] poky: make 6.18 preferred kernel version

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

6.18-LTS is our reference kernel for poky in the upcoming release.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta-poky/conf/distro/poky.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta-poky/conf/distro/poky.conf b/meta-poky/conf/distro/poky.conf
index f1e91ec..dc39e53 100644
--- a/meta-poky/conf/distro/poky.conf
+++ b/meta-poky/conf/distro/poky.conf
@@ -19,8 +19,8 @@ POKY_DEFAULT_EXTRA_RRECOMMENDS = "kernel-module-af-packet"
 
 DISTRO_FEATURES ?= "${DISTRO_FEATURES_DEFAULT} ${POKY_DEFAULT_DISTRO_FEATURES}"
 
-PREFERRED_VERSION_linux-yocto ?= "6.16%"
-PREFERRED_VERSION_linux-yocto-rt ?= "6.16%"
+PREFERRED_VERSION_linux-yocto ?= "6.18%"
+PREFERRED_VERSION_linux-yocto-rt ?= "6.18%"
 
 SDK_NAME = "${DISTRO}-${TCLIBC}-${SDKMACHINE}-${IMAGE_BASENAME}-${TUNE_PKGARCH}-${MACHINE}"
 SDKPATHINSTALL = "/opt/${DISTRO}/${SDK_VERSION}"
-- 
2.39.2

[05/06][meta-yocto] poky-alt: make default kernel 6.18

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Making the alternate distro 6.18 to match our LTS bump in
the other reference distros.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta-poky/conf/distro/include/poky-distro-alt-test-config.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-poky/conf/distro/include/poky-distro-alt-test-config.inc b/meta-poky/conf/distro/include/poky-distro-alt-test-config.inc
index da9199d..a5214c5 100644
--- a/meta-poky/conf/distro/include/poky-distro-alt-test-config.inc
+++ b/meta-poky/conf/distro/include/poky-distro-alt-test-config.inc
@@ -2,7 +2,7 @@
 DISTRO_FEATURES:append = " pam usrmerge"
 
 # Use our alternate kernel version
-PREFERRED_VERSION_linux-yocto = "6.12%"
+PREFERRED_VERSION_linux-yocto = "6.18%"
 
 # Ensure the kernel nfs server is enabled
 KERNEL_FEATURES:append:pn-linux-yocto = " features/nfsd/nfsd-enable.scc"
-- 
2.39.2

[06/06][meta-yocto] yocto-bsp: genericx86: bump default kernel to 6.18

[bruce.ashfield]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta-yocto-bsp/conf/machine/include/genericx86-common.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-yocto-bsp/conf/machine/include/genericx86-common.inc b/meta-yocto-bsp/conf/machine/include/genericx86-common.inc
index 76a742b..95d9e17 100644
--- a/meta-yocto-bsp/conf/machine/include/genericx86-common.inc
+++ b/meta-yocto-bsp/conf/machine/include/genericx86-common.inc
@@ -2,7 +2,7 @@ include conf/machine/include/x86/x86-base.inc
 require conf/machine/include/x86/qemuboot-x86.inc
 MACHINE_FEATURES += "wifi efi pcbios"
 
-PREFERRED_VERSION_linux-yocto ?= "6.12%"
+PREFERRED_VERSION_linux-yocto ?= "6.18%"
 PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
 PREFERRED_PROVIDER_virtual/xserver ?= "xserver-xorg"
 XSERVER ?= "${XSERVER_X86_BASE} \
-- 
2.39.2

Re: [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Richard Purdie]

Hi Bruce,

On Thu, 2025-12-18 at 15:22 -0500, bruce.ashfield@gmail.com wrote:
> As discussed in the weekly engineering call, I'm sending this as
> single series even though it crossed boundaries of the repositories.
> 
> I don't have access to meta-yocto-contrib yet, so I haven't pushed
> the component parts to contrib branches yet, but will do that for
> future pull requests.
> 
> I'm using this as a first run through some things I've cooked up
> to coordinate the patches across the repos. The formatting is my
> own, so apologies if it isn't clear .. and we'll see if it all 
> 
> Now to the series for OE-core:
> 
>  - We have stable updates to 6.12
>  - A kern-tools fix
>  - Updates to 6.17
>  - Removal of 6.17
>  - Introduction of 6.18
>  - Bump to libc-headers to 6.18
> 
> I've built and booted what I can locally, and I know that the
> major architectures work, and are functional with respect to
> core features.
> 
> I have more libc-headers testing running against meta-oe and
> muslc, so there may be some breakage there and I'll help deal
> with that if it happens.
> 
> The update and then removal of 6.17 is on purpose. In case any
> one was using it, they should get the latest tested before it
> starts to be removed.
> 
> For meta-yocto:
> 
>   - removal of any remaining 6.17 references
>   - introduction of 6.18
> 
> The meta-yocto default changes are obviously REALLY RFC/RFT
> there will be issues, but I've provided them anyway to make it
> clear that we are going to 6.18 as the new default for all the
> variants.
> 
> Once we get 6.18 fully green and the h/w references udpated,
> I'll remove 6.12 and 6.16 from master. That isn't in this series
> by design.

I ran this through some testing and it isn't straight forward.

We need a newer strace with the newer kernel so I queued that patch
from Robert. That caused ptest failures so I disabled the failing bpf
strace ptests.

ltp failed to compile so I backported a patch to fix that.

We still have a cryptodev-module failure:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/2922
https://autobuilder.yoctoproject.org/valkyrie/#/builders/25/builds/2897
(all world builds I think)

and an initramfs module space problem:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2931

The rest of the build is still ongoing.

Cheers,

Richard

Re: [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Bruce Ashfield]

On Mon, Dec 22, 2025 at 9:13 AM Richard Purdie
<richard.purdie@linuxfoundation.org> wrote:
>
> Hi Bruce,
>
> On Thu, 2025-12-18 at 15:22 -0500, bruce.ashfield@gmail.com wrote:
> > As discussed in the weekly engineering call, I'm sending this as
> > single series even though it crossed boundaries of the repositories.
> >
> > I don't have access to meta-yocto-contrib yet, so I haven't pushed
> > the component parts to contrib branches yet, but will do that for
> > future pull requests.
> >
> > I'm using this as a first run through some things I've cooked up
> > to coordinate the patches across the repos. The formatting is my
> > own, so apologies if it isn't clear .. and we'll see if it all
> >
> > Now to the series for OE-core:
> >
> >  - We have stable updates to 6.12
> >  - A kern-tools fix
> >  - Updates to 6.17
> >  - Removal of 6.17
> >  - Introduction of 6.18
> >  - Bump to libc-headers to 6.18
> >
> > I've built and booted what I can locally, and I know that the
> > major architectures work, and are functional with respect to
> > core features.
> >
> > I have more libc-headers testing running against meta-oe and
> > muslc, so there may be some breakage there and I'll help deal
> > with that if it happens.
> >
> > The update and then removal of 6.17 is on purpose. In case any
> > one was using it, they should get the latest tested before it
> > starts to be removed.
> >
> > For meta-yocto:
> >
> >   - removal of any remaining 6.17 references
> >   - introduction of 6.18
> >
> > The meta-yocto default changes are obviously REALLY RFC/RFT
> > there will be issues, but I've provided them anyway to make it
> > clear that we are going to 6.18 as the new default for all the
> > variants.
> >
> > Once we get 6.18 fully green and the h/w references udpated,
> > I'll remove 6.12 and 6.16 from master. That isn't in this series
> > by design.
>
> I ran this through some testing and it isn't straight forward.
>

Back online after a 10 hour drive!

> We need a newer strace with the newer kernel so I queued that patch
> from Robert. That caused ptest failures so I disabled the failing bpf
> strace ptests.

ok. I'll ignore strace and assume that bump will handle it.

>
> ltp failed to compile so I backported a patch to fix that.
>

ack'd

> We still have a cryptodev-module failure:
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/2922
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/25/builds/2897
> (all world builds I think)

I can handle this one, it'll be.a day or so, but I also haven't checked
the  autoupdate list yet to see if this is in it. I'll check the lists before
I start and see if anyone else has an update in flight.

>
> and an initramfs module space problem:
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2931

And a config warning (easy for me to fix).'

For the space. Is it only genericarm64 that we do this test on ?  It
could either e normal kernel size increases, or it could be all the work
that has been done in genericarm64's config that has causes this.

If it is normal kernel, then I can have a look for something obvious,
and then we can increase the size. If it is only genericarm64, then
we should get Mikko's opinion on what might be options we could
tweak to reduce the size.

Bruce


>
> The rest of the build is still ongoing.
>
> Cheers,
>
> Richard
>


--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II

Re: [OE-core] [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Mikko Rapeli]

Hi,

On Mon, Dec 22, 2025 at 10:34:14PM -0500, Bruce Ashfield via lists.openembedded.org wrote:
> On Mon, Dec 22, 2025 at 9:13 AM Richard Purdie
> <richard.purdie@linuxfoundation.org> wrote:
> >
> > Hi Bruce,
> >
> > On Thu, 2025-12-18 at 15:22 -0500, bruce.ashfield@gmail.com wrote:
> > > As discussed in the weekly engineering call, I'm sending this as
> > > single series even though it crossed boundaries of the repositories.
> > >
> > > I don't have access to meta-yocto-contrib yet, so I haven't pushed
> > > the component parts to contrib branches yet, but will do that for
> > > future pull requests.
> > >
> > > I'm using this as a first run through some things I've cooked up
> > > to coordinate the patches across the repos. The formatting is my
> > > own, so apologies if it isn't clear .. and we'll see if it all
> > >
> > > Now to the series for OE-core:
> > >
> > >  - We have stable updates to 6.12
> > >  - A kern-tools fix
> > >  - Updates to 6.17
> > >  - Removal of 6.17
> > >  - Introduction of 6.18
> > >  - Bump to libc-headers to 6.18
> > >
> > > I've built and booted what I can locally, and I know that the
> > > major architectures work, and are functional with respect to
> > > core features.
> > >
> > > I have more libc-headers testing running against meta-oe and
> > > muslc, so there may be some breakage there and I'll help deal
> > > with that if it happens.
> > >
> > > The update and then removal of 6.17 is on purpose. In case any
> > > one was using it, they should get the latest tested before it
> > > starts to be removed.
> > >
> > > For meta-yocto:
> > >
> > >   - removal of any remaining 6.17 references
> > >   - introduction of 6.18
> > >
> > > The meta-yocto default changes are obviously REALLY RFC/RFT
> > > there will be issues, but I've provided them anyway to make it
> > > clear that we are going to 6.18 as the new default for all the
> > > variants.
> > >
> > > Once we get 6.18 fully green and the h/w references udpated,
> > > I'll remove 6.12 and 6.16 from master. That isn't in this series
> > > by design.
> >
> > I ran this through some testing and it isn't straight forward.
> >
> 
> Back online after a 10 hour drive!
> 
> > We need a newer strace with the newer kernel so I queued that patch
> > from Robert. That caused ptest failures so I disabled the failing bpf
> > strace ptests.
> 
> ok. I'll ignore strace and assume that bump will handle it.
> 
> >
> > ltp failed to compile so I backported a patch to fix that.
> >
> 
> ack'd
> 
> > We still have a cryptodev-module failure:
> > https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/2922
> > https://autobuilder.yoctoproject.org/valkyrie/#/builders/25/builds/2897
> > (all world builds I think)
> 
> I can handle this one, it'll be.a day or so, but I also haven't checked
> the  autoupdate list yet to see if this is in it. I'll check the lists before
> I start and see if anyone else has an update in flight.
> 
> >
> > and an initramfs module space problem:
> > https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2931
> 
> And a config warning (easy for me to fix).'
> 
> For the space. Is it only genericarm64 that we do this test on ?  It
> could either e normal kernel size increases, or it could be all the work
> that has been done in genericarm64's config that has causes this.
> 
> If it is normal kernel, then I can have a look for something obvious,
> and then we can increase the size. If it is only genericarm64, then
> we should get Mikko's opinion on what might be options we could
> tweak to reduce the size.

This is normal. More drivers as modules, dependencies to firmware and slight
increase in kernel size hitting the limit again. I think increasing the limit
is the way to go now. I've been hitting this limit locally with 6.17 kernel too
after some more arm64 drivers are enabled.

Cheers,

-Mikko

Re: [OE-core] [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Mikko Rapeli]

Hi,

On Tue, Dec 23, 2025 at 09:31:06AM +0200, Mikko Rapeli via lists.openembedded.org wrote:
> On Mon, Dec 22, 2025 at 10:34:14PM -0500, Bruce Ashfield via lists.openembedded.org wrote:
> > On Mon, Dec 22, 2025 at 9:13 AM Richard Purdie
> > <richard.purdie@linuxfoundation.org> wrote:
> > >
> > > Hi Bruce,
> > >
> > > On Thu, 2025-12-18 at 15:22 -0500, bruce.ashfield@gmail.com wrote:
> > > > As discussed in the weekly engineering call, I'm sending this as
> > > > single series even though it crossed boundaries of the repositories.
> > > >
> > > > I don't have access to meta-yocto-contrib yet, so I haven't pushed
> > > > the component parts to contrib branches yet, but will do that for
> > > > future pull requests.
> > > >
> > > > I'm using this as a first run through some things I've cooked up
> > > > to coordinate the patches across the repos. The formatting is my
> > > > own, so apologies if it isn't clear .. and we'll see if it all
> > > >
> > > > Now to the series for OE-core:
> > > >
> > > >  - We have stable updates to 6.12
> > > >  - A kern-tools fix
> > > >  - Updates to 6.17
> > > >  - Removal of 6.17
> > > >  - Introduction of 6.18
> > > >  - Bump to libc-headers to 6.18
> > > >
> > > > I've built and booted what I can locally, and I know that the
> > > > major architectures work, and are functional with respect to
> > > > core features.
> > > >
> > > > I have more libc-headers testing running against meta-oe and
> > > > muslc, so there may be some breakage there and I'll help deal
> > > > with that if it happens.
> > > >
> > > > The update and then removal of 6.17 is on purpose. In case any
> > > > one was using it, they should get the latest tested before it
> > > > starts to be removed.
> > > >
> > > > For meta-yocto:
> > > >
> > > >   - removal of any remaining 6.17 references
> > > >   - introduction of 6.18
> > > >
> > > > The meta-yocto default changes are obviously REALLY RFC/RFT
> > > > there will be issues, but I've provided them anyway to make it
> > > > clear that we are going to 6.18 as the new default for all the
> > > > variants.
> > > >
> > > > Once we get 6.18 fully green and the h/w references udpated,
> > > > I'll remove 6.12 and 6.16 from master. That isn't in this series
> > > > by design.
> > >
> > > I ran this through some testing and it isn't straight forward.
> > >
> > 
> > Back online after a 10 hour drive!
> > 
> > > We need a newer strace with the newer kernel so I queued that patch
> > > from Robert. That caused ptest failures so I disabled the failing bpf
> > > strace ptests.
> > 
> > ok. I'll ignore strace and assume that bump will handle it.
> > 
> > >
> > > ltp failed to compile so I backported a patch to fix that.
> > >
> > 
> > ack'd
> > 
> > > We still have a cryptodev-module failure:
> > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/2922
> > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/25/builds/2897
> > > (all world builds I think)
> > 
> > I can handle this one, it'll be.a day or so, but I also haven't checked
> > the  autoupdate list yet to see if this is in it. I'll check the lists before
> > I start and see if anyone else has an update in flight.
> > 
> > >
> > > and an initramfs module space problem:
> > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2931
> > 
> > And a config warning (easy for me to fix).'
> > 
> > For the space. Is it only genericarm64 that we do this test on ?  It
> > could either e normal kernel size increases, or it could be all the work
> > that has been done in genericarm64's config that has causes this.
> > 
> > If it is normal kernel, then I can have a look for something obvious,
> > and then we can increase the size. If it is only genericarm64, then
> > we should get Mikko's opinion on what might be options we could
> > tweak to reduce the size.
> 
> This is normal. More drivers as modules, dependencies to firmware and slight
> increase in kernel size hitting the limit again. I think increasing the limit
> is the way to go now. I've been hitting this limit locally with 6.17 kernel too
> after some more arm64 drivers are enabled.

I see Richard added a patch in meta-yocto master-next to update genericarm64
INITRAMFS_MAXSIZE to 280 Mb. This is fine for me.

A lot of the kernel drivers and firmware blobs are strictly not needed in initramfs
to mount the rootfs, but we can't separate them at the moment without full manual
control of the initramfs package contents.

Cheers,

-Mikko

Re: [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Richard Purdie]

On Mon, 2025-12-22 at 22:34 -0500, Bruce Ashfield wrote:
> On Mon, Dec 22, 2025 at 9:13 AM Richard Purdie
> <richard.purdie@linuxfoundation.org> wrote:
> > 
> > Hi Bruce,
> > 
> > On Thu, 2025-12-18 at 15:22 -0500, bruce.ashfield@gmail.com wrote:
> > > As discussed in the weekly engineering call, I'm sending this as
> > > single series even though it crossed boundaries of the repositories.
> > > 
> > > I don't have access to meta-yocto-contrib yet, so I haven't pushed
> > > the component parts to contrib branches yet, but will do that for
> > > future pull requests.
> > > 
> > > I'm using this as a first run through some things I've cooked up
> > > to coordinate the patches across the repos. The formatting is my
> > > own, so apologies if it isn't clear .. and we'll see if it all
> > > 
> > > Now to the series for OE-core:
> > > 
> > >  - We have stable updates to 6.12
> > >  - A kern-tools fix
> > >  - Updates to 6.17
> > >  - Removal of 6.17
> > >  - Introduction of 6.18
> > >  - Bump to libc-headers to 6.18
> > > 
> > > I've built and booted what I can locally, and I know that the
> > > major architectures work, and are functional with respect to
> > > core features.
> > > 
> > > I have more libc-headers testing running against meta-oe and
> > > muslc, so there may be some breakage there and I'll help deal
> > > with that if it happens.
> > > 
> > > The update and then removal of 6.17 is on purpose. In case any
> > > one was using it, they should get the latest tested before it
> > > starts to be removed.
> > > 
> > > For meta-yocto:
> > > 
> > >   - removal of any remaining 6.17 references
> > >   - introduction of 6.18
> > > 
> > > The meta-yocto default changes are obviously REALLY RFC/RFT
> > > there will be issues, but I've provided them anyway to make it
> > > clear that we are going to 6.18 as the new default for all the
> > > variants.
> > > 
> > > Once we get 6.18 fully green and the h/w references udpated,
> > > I'll remove 6.12 and 6.16 from master. That isn't in this series
> > > by design.
> > 
> > I ran this through some testing and it isn't straight forward.
> > 
> 
> Back online after a 10 hour drive!
> 
> > We need a newer strace with the newer kernel so I queued that patch
> > from Robert. That caused ptest failures so I disabled the failing bpf
> > strace ptests.
> 
> ok. I'll ignore strace and assume that bump will handle it.
> 
> > 
> > ltp failed to compile so I backported a patch to fix that.
> > 
> 
> ack'd
> 
> > We still have a cryptodev-module failure:
> > https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/2922
> > https://autobuilder.yoctoproject.org/valkyrie/#/builders/25/builds/2897
> > (all world builds I think)
> 
> I can handle this one, it'll be.a day or so, but I also haven't checked
> the  autoupdate list yet to see if this is in it. I'll check the lists before
> I start and see if anyone else has an update in flight.

I'd tried the srcrev change on master next and it worked. I've taked
your patch, thanks!

> > and an initramfs module space problem:
> > https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2931
> 
> And a config warning (easy for me to fix).'
> 
> For the space. Is it only genericarm64 that we do this test on ?  It
> could either e normal kernel size increases, or it could be all the work
> that has been done in genericarm64's config that has causes this.
> 
> If it is normal kernel, then I can have a look for something obvious,
> and then we can increase the size. If it is only genericarm64, then
> we should get Mikko's opinion on what might be options we could
> tweak to reduce the size.

I don't want to break things too badly given it is the holidays but I
do want to keep patches moving. I've therefore taken most of your
series except the bits making the default 6.18.

This gets us on the new point releases, bumps the CVE info, drops 6.17
and adds 6.18 for testing along with switching to the 6.18 headers.

I included the cryptodev-module tweak, the ltp fix, the strace fixes
and a tweak to increase the initramfs size by 20MB.

The initramfs issue is genericarm64 specific and Mikko was in favour of
increasing the initramfs size. I am a bit worried about the size issues
there but that is a bigger issue to think about at a different time.

This does leave genericarm64 kernel config warnings:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/60/builds/2902
https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2933

meta-arm failures:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/75/builds/2786

meta-virt failures:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/89/builds/2761

as the issues we need to resolve before we change the default to 6.18.
Hopefully a sensible compromise for the holidays! :)

Cheers,

Richard

Re: [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Bruce Ashfield]

On Tue, Dec 23, 2025 at 8:45 AM Richard Purdie
<richard.purdie@linuxfoundation.org> wrote:
>
> On Mon, 2025-12-22 at 22:34 -0500, Bruce Ashfield wrote:
> > On Mon, Dec 22, 2025 at 9:13 AM Richard Purdie
> > <richard.purdie@linuxfoundation.org> wrote:
> > >
> > > Hi Bruce,
> > >
> > > On Thu, 2025-12-18 at 15:22 -0500, bruce.ashfield@gmail.com wrote:
> > > > As discussed in the weekly engineering call, I'm sending this as
> > > > single series even though it crossed boundaries of the repositories.
> > > >
> > > > I don't have access to meta-yocto-contrib yet, so I haven't pushed
> > > > the component parts to contrib branches yet, but will do that for
> > > > future pull requests.
> > > >
> > > > I'm using this as a first run through some things I've cooked up
> > > > to coordinate the patches across the repos. The formatting is my
> > > > own, so apologies if it isn't clear .. and we'll see if it all
> > > >
> > > > Now to the series for OE-core:
> > > >
> > > >  - We have stable updates to 6.12
> > > >  - A kern-tools fix
> > > >  - Updates to 6.17
> > > >  - Removal of 6.17
> > > >  - Introduction of 6.18
> > > >  - Bump to libc-headers to 6.18
> > > >
> > > > I've built and booted what I can locally, and I know that the
> > > > major architectures work, and are functional with respect to
> > > > core features.
> > > >
> > > > I have more libc-headers testing running against meta-oe and
> > > > muslc, so there may be some breakage there and I'll help deal
> > > > with that if it happens.
> > > >
> > > > The update and then removal of 6.17 is on purpose. In case any
> > > > one was using it, they should get the latest tested before it
> > > > starts to be removed.
> > > >
> > > > For meta-yocto:
> > > >
> > > >   - removal of any remaining 6.17 references
> > > >   - introduction of 6.18
> > > >
> > > > The meta-yocto default changes are obviously REALLY RFC/RFT
> > > > there will be issues, but I've provided them anyway to make it
> > > > clear that we are going to 6.18 as the new default for all the
> > > > variants.
> > > >
> > > > Once we get 6.18 fully green and the h/w references udpated,
> > > > I'll remove 6.12 and 6.16 from master. That isn't in this series
> > > > by design.
> > >
> > > I ran this through some testing and it isn't straight forward.
> > >
> >
> > Back online after a 10 hour drive!
> >
> > > We need a newer strace with the newer kernel so I queued that patch
> > > from Robert. That caused ptest failures so I disabled the failing bpf
> > > strace ptests.
> >
> > ok. I'll ignore strace and assume that bump will handle it.
> >
> > >
> > > ltp failed to compile so I backported a patch to fix that.
> > >
> >
> > ack'd
> >
> > > We still have a cryptodev-module failure:
> > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/6/builds/2922
> > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/25/builds/2897
> > > (all world builds I think)
> >
> > I can handle this one, it'll be.a day or so, but I also haven't checked
> > the  autoupdate list yet to see if this is in it. I'll check the lists before
> > I start and see if anyone else has an update in flight.
>
> I'd tried the srcrev change on master next and it worked. I've taked
> your patch, thanks!
>
> > > and an initramfs module space problem:
> > > https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2931
> >
> > And a config warning (easy for me to fix).'
> >
> > For the space. Is it only genericarm64 that we do this test on ?  It
> > could either e normal kernel size increases, or it could be all the work
> > that has been done in genericarm64's config that has causes this.
> >
> > If it is normal kernel, then I can have a look for something obvious,
> > and then we can increase the size. If it is only genericarm64, then
> > we should get Mikko's opinion on what might be options we could
> > tweak to reduce the size.
>
> I don't want to break things too badly given it is the holidays but I
> do want to keep patches moving. I've therefore taken most of your
> series except the bits making the default 6.18.
>
> This gets us on the new point releases, bumps the CVE info, drops 6.17
> and adds 6.18 for testing along with switching to the 6.18 headers.
>
> I included the cryptodev-module tweak, the ltp fix, the strace fixes
> and a tweak to increase the initramfs size by 20MB.
>

Sounds good.

> The initramfs issue is genericarm64 specific and Mikko was in favour of
> increasing the initramfs size. I am a bit worried about the size issues
> there but that is a bigger issue to think about at a different time.
>
> This does leave genericarm64 kernel config warnings:
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/60/builds/2902
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2933

I see the patch for this from Mikko

>
> meta-arm failures:
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/75/builds/2786
>
> meta-virt failures:
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/89/builds/2761

And I've fixed this on master-next of meta-virt while I was doing
6.18, I just haven't had enough time to finish testing there. It'll be
pushed at some point before Jan 1st, so no concerns there.

Bruce

>
> as the issues we need to resolve before we change the default to 6.18.
> Hopefully a sensible compromise for the holidays! :)
>
> Cheers,
>
> Richard
>
>
>
>

--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II

Re: [OE-core] [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Bruce Ashfield]

On Thu, Dec 18, 2025 at 3:22 PM Bruce Ashfield via
lists.openembedded.org
<bruce.ashfield=gmail.com@lists.openembedded.org> wrote:
>
> From: Bruce Ashfield <bruce.ashfield@gmail.com>
>
> Hi all,
>
> As discussed in the weekly engineering call, I'm sending this as
> single series even though it crossed boundaries of the repositories.
>
> I don't have access to meta-yocto-contrib yet, so I haven't pushed
> the component parts to contrib branches yet, but will do that for
> future pull requests.
>
> I'm using this as a first run through some things I've cooked up
> to coordinate the patches across the repos. The formatting is my
> own, so apologies if it isn't clear .. and we'll see if it all
>
> Now to the series for OE-core:
>
>  - We have stable updates to 6.12
>  - A kern-tools fix
>  - Updates to 6.17
>  - Removal of 6.17
>  - Introduction of 6.18
>  - Bump to libc-headers to 6.18
>
> I've built and booted what I can locally, and I know that the
> major architectures work, and are functional with respect to
> core features.
>
> I have more libc-headers testing running against meta-oe and
> muslc, so there may be some breakage there and I'll help deal
> with that if it happens.
>
> The update and then removal of 6.17 is on purpose. In case any
> one was using it, they should get the latest tested before it
> starts to be removed.
>
> For meta-yocto:
>
>   - removal of any remaining 6.17 references
>   - introduction of 6.18
>
> The meta-yocto default changes are obviously REALLY RFC/RFT
> there will be issues, but I've provided them anyway to make it
> clear that we are going to 6.18 as the new default for all the
> variants.
>
> Once we get 6.18 fully green and the h/w references udpated,
> I'll remove 6.12 and 6.16 from master. That isn't in this series
> by design.


FYI: my extended testing shows a warning in the virtualization
fragments. It isn't serious, but will be fixed in incremental patches
on the end of this queue.

Bruce

>
> Cheers,
>
> Bruce
>
> Aggregate summary of exported patches:
>
>  - openembedded-core branch=master : 15 patches
>  - meta-yocto branch=master : 6 patches
>
> Changes:
>   [01/15][openembedded-core] kern-tools: fix commit SHA reproducibility
>   [02/15][openembedded-core] linux-yocto/6.12: update to v6.12.61
>   [03/15][openembedded-core] linux-yocto/6.12: update CVE exclusions
>   [04/15][openembedded-core] linux-yocto/6.12: update to v6.12.62
>   [05/15][openembedded-core] linux-yocto/6.12: update CVE exclusions
>   [06/15][openembedded-core] linux-yocto/6.16: rust kernel configs
>   [07/15][openembedded-core] linux-yocto/6.17: update to v6.17.11
>   [08/15][openembedded-core] linux-yocto/6.17: update CVE exclusions
>   [09/15][openembedded-core] linux-yocto/6.17: rust kernel configs
>   [10/15][openembedded-core] linux-yocto/6.17: drop recipes
>   [11/15][openembedded-core] linux-yocto/6.18: introduce reference
>   [12/15][openembedded-core] linux-libc-headers: update to 6.18
>   [13/15][openembedded-core] linux-yocto/6.18: rust kernel configs
>   [14/15][openembedded-core] linux-yocto/6.18: update to v6.18.1
>   [15/15][openembedded-core] linux-yocto/6.18: update CVE exclusions
>   [01/06][meta-yocto] yocto-bsp: introduce 6.18 h/w reference
>   [02/06][meta-yocto] yocto-bsp/6.17: drop bbappend
>   [03/06][meta-yocto] poky-tiny: make 6.18 preferred kernel version
>   [04/06][meta-yocto] poky: make 6.18 preferred kernel version
>   [05/06][meta-yocto] poky-alt: make default kernel 6.18
>   [06/06][meta-yocto] yocto-bsp: genericx86: bump default kernel to 6.18
>
> ---
> Diffstat:
>   openembedded-core:
>     .../kern-tools/kern-tools-native_git.bb            |    2 +-
>     ...-headers_6.17.bb => linux-libc-headers_6.18.bb} |    3 +-
>     meta/recipes-kernel/linux/cve-exclusion_6.12.inc   |  632 +++++++++++-
>     ...e-exclusion_6.17.inc => cve-exclusion_6.18.inc} | 1040 ++++++++++++++++----
>     meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb   |    6 +-
>     meta/recipes-kernel/linux/linux-yocto-rt_6.16.bb   |    2 +-
>     ...nux-yocto-rt_6.17.bb => linux-yocto-rt_6.18.bb} |   12 +-
>     meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb |    6 +-
>     meta/recipes-kernel/linux/linux-yocto-tiny_6.16.bb |    2 +-
>     ...yocto-tiny_6.17.bb => linux-yocto-tiny_6.18.bb} |   12 +-
>     meta/recipes-kernel/linux/linux-yocto_6.12.bb      |   28 +-
>     meta/recipes-kernel/linux/linux-yocto_6.16.bb      |    4 +-
>     .../{linux-yocto_6.17.bb => linux-yocto_6.18.bb}   |   52 +-
>     13 files changed, 1526 insertions(+), 275 deletions(-)
>
>   meta-yocto:
>     meta-poky/conf/distro/include/poky-distro-alt-test-config.inc         | 2 +-
>     meta-poky/conf/distro/poky-tiny.conf                                  | 2 +-
>     meta-poky/conf/distro/poky.conf                                       | 4 ++--
>     meta-yocto-bsp/conf/machine/include/genericx86-common.inc             | 2 +-
>     .../linux/{linux-yocto_6.17.bbappend => linux-yocto_6.18.bbappend}    | 4 ++--
>     5 files changed, 7 insertions(+), 7 deletions(-)
>
> --
> 2.39.2
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#228143): https://lists.openembedded.org/g/openembedded-core/message/228143
> Mute This Topic: https://lists.openembedded.org/mt/116848895/1050810
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [bruce.ashfield@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>


-- 
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II

Re: [OE-core] [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Mathieu Dubois-Briand]

On Thu Dec 18, 2025 at 9:56 PM CET, Bruce Ashfield via lists.openembedded.org wrote:
> On Thu, Dec 18, 2025 at 3:22 PM Bruce Ashfield via
> lists.openembedded.org
> <bruce.ashfield=gmail.com@lists.openembedded.org> wrote:
>>
>> From: Bruce Ashfield <bruce.ashfield@gmail.com>
>>
>> Hi all,
>>
>> As discussed in the weekly engineering call, I'm sending this as
>> single series even though it crossed boundaries of the repositories.
>>
>> I don't have access to meta-yocto-contrib yet, so I haven't pushed
>> the component parts to contrib branches yet, but will do that for
>> future pull requests.
>>
>> I'm using this as a first run through some things I've cooked up
>> to coordinate the patches across the repos. The formatting is my
>> own, so apologies if it isn't clear .. and we'll see if it all
>>
>> Now to the series for OE-core:
>>
>>  - We have stable updates to 6.12
>>  - A kern-tools fix
>>  - Updates to 6.17
>>  - Removal of 6.17
>>  - Introduction of 6.18
>>  - Bump to libc-headers to 6.18
>>
>> I've built and booted what I can locally, and I know that the
>> major architectures work, and are functional with respect to
>> core features.
>>
>> I have more libc-headers testing running against meta-oe and
>> muslc, so there may be some breakage there and I'll help deal
>> with that if it happens.
>>
>> The update and then removal of 6.17 is on purpose. In case any
>> one was using it, they should get the latest tested before it
>> starts to be removed.
>>
>> For meta-yocto:
>>
>>   - removal of any remaining 6.17 references
>>   - introduction of 6.18
>>
>> The meta-yocto default changes are obviously REALLY RFC/RFT
>> there will be issues, but I've provided them anyway to make it
>> clear that we are going to 6.18 as the new default for all the
>> variants.
>>
>> Once we get 6.18 fully green and the h/w references udpated,
>> I'll remove 6.12 and 6.16 from master. That isn't in this series
>> by design.
>
>
> FYI: my extended testing shows a warning in the virtualization
> fragments. It isn't serious, but will be fixed in incremental patches
> on the end of this queue.
>
> Bruce
>

Hi Bruce,

Sorry, I was a bit late in testing this.

On my side I also get some issues in building strace, are you aware of
this?

ERROR: strace-6.17-r0 do_compile: Execution of '/srv/pokybuild/yocto-worker/genericx86-64/build/build/tmp/work/core2-64-poky-linux/strace/6.17/temp/run.do_compile.3198325' failed with exit code 1
...
| ../../sources/strace-6.17/src/listmount.c: In function 'print_mnt_id_req':
| ../../sources/strace-6.17/src/listmount.c:39:16: error: 'struct mnt_id_req' has no member named 'spare'
|    39 |         if (req.spare) {
|       |                ^
| In file included from ../../sources/strace-6.17/src/listmount.c:9:
| ../../sources/strace-6.17/src/print_fields.h:384:37: error: 'struct mnt_id_req' has no member named 'spare'
|   384 |                 PRINT_VAL_X((where_).field_);                           \
|       |                                     ^
| ../../sources/strace-6.17/src/defs.h:1910:17: note: in definition of macro 'zero_extend_signed_to_ull'
|  1910 |         (sizeof(v) == sizeof(char) ? (unsigned long long) (unsigned char) (v) : \
|       |                 ^
| ../../sources/strace-6.17/src/print_fields.h:384:17: note: in expansion of macro 'PRINT_VAL_X'
|   384 |                 PRINT_VAL_X((where_).field_);                           \
|       |                 ^~~~~~~~~~~
| ../../sources/strace-6.17/src/listmount.c:41:17: note: in expansion of macro 'PRINT_FIELD_X'
|    41 |                 PRINT_FIELD_X(req, spare);
|       |                 ^~~~~~~~~~~~~
| ../../sources/strace-6.17/src/print_fields.h:384:37: error: 'struct mnt_id_req' has no member named 'spare'
|   384 |                 PRINT_VAL_X((where_).field_);                           \
|       |                                     ^
...

https://autobuilder.yoctoproject.org/valkyrie/#/builders/4/builds/2904
https://autobuilder.yoctoproject.org/valkyrie/#/builders/19/builds/2895
https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2922
https://autobuilder.yoctoproject.org/valkyrie/#/builders/60/builds/2891

Thanks,
Mathieu

-- 
Mathieu Dubois-Briand, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

Re: [OE-core] [PATCH 0/21] linux-yocto: combined and consolidated pull request

[Bruce Ashfield]

On Mon, Dec 22, 2025 at 3:29 AM Mathieu Dubois-Briand
<mathieu.dubois-briand@bootlin.com> wrote:
>
> On Thu Dec 18, 2025 at 9:56 PM CET, Bruce Ashfield via lists.openembedded.org wrote:
> > On Thu, Dec 18, 2025 at 3:22 PM Bruce Ashfield via
> > lists.openembedded.org
> > <bruce.ashfield=gmail.com@lists.openembedded.org> wrote:
> >>
> >> From: Bruce Ashfield <bruce.ashfield@gmail.com>
> >>
> >> Hi all,
> >>
> >> As discussed in the weekly engineering call, I'm sending this as
> >> single series even though it crossed boundaries of the repositories.
> >>
> >> I don't have access to meta-yocto-contrib yet, so I haven't pushed
> >> the component parts to contrib branches yet, but will do that for
> >> future pull requests.
> >>
> >> I'm using this as a first run through some things I've cooked up
> >> to coordinate the patches across the repos. The formatting is my
> >> own, so apologies if it isn't clear .. and we'll see if it all
> >>
> >> Now to the series for OE-core:
> >>
> >>  - We have stable updates to 6.12
> >>  - A kern-tools fix
> >>  - Updates to 6.17
> >>  - Removal of 6.17
> >>  - Introduction of 6.18
> >>  - Bump to libc-headers to 6.18
> >>
> >> I've built and booted what I can locally, and I know that the
> >> major architectures work, and are functional with respect to
> >> core features.
> >>
> >> I have more libc-headers testing running against meta-oe and
> >> muslc, so there may be some breakage there and I'll help deal
> >> with that if it happens.
> >>
> >> The update and then removal of 6.17 is on purpose. In case any
> >> one was using it, they should get the latest tested before it
> >> starts to be removed.
> >>
> >> For meta-yocto:
> >>
> >>   - removal of any remaining 6.17 references
> >>   - introduction of 6.18
> >>
> >> The meta-yocto default changes are obviously REALLY RFC/RFT
> >> there will be issues, but I've provided them anyway to make it
> >> clear that we are going to 6.18 as the new default for all the
> >> variants.
> >>
> >> Once we get 6.18 fully green and the h/w references udpated,
> >> I'll remove 6.12 and 6.16 from master. That isn't in this series
> >> by design.
> >
> >
> > FYI: my extended testing shows a warning in the virtualization
> > fragments. It isn't serious, but will be fixed in incremental patches
> > on the end of this queue.
> >
> > Bruce
> >
>
> Hi Bruce,
>
> Sorry, I was a bit late in testing this.
>
> On my side I also get some issues in building strace, are you aware of
> this?
>
> ERROR: strace-6.17-r0 do_compile: Execution of '/srv/pokybuild/yocto-worker/genericx86-64/build/build/tmp/work/core2-64-poky-linux/strace/6.17/temp/run.do_compile.3198325' failed with exit code 1
> ...
> | ../../sources/strace-6.17/src/listmount.c: In function 'print_mnt_id_req':
> | ../../sources/strace-6.17/src/listmount.c:39:16: error: 'struct mnt_id_req' has no member named 'spare'
> |    39 |         if (req.spare) {
> |       |                ^
> | In file included from ../../sources/strace-6.17/src/listmount.c:9:
> | ../../sources/strace-6.17/src/print_fields.h:384:37: error: 'struct mnt_id_req' has no member named 'spare'
> |   384 |                 PRINT_VAL_X((where_).field_);                           \
> |       |                                     ^
> | ../../sources/strace-6.17/src/defs.h:1910:17: note: in definition of macro 'zero_extend_signed_to_ull'
> |  1910 |         (sizeof(v) == sizeof(char) ? (unsigned long long) (unsigned char) (v) : \
> |       |                 ^
> | ../../sources/strace-6.17/src/print_fields.h:384:17: note: in expansion of macro 'PRINT_VAL_X'
> |   384 |                 PRINT_VAL_X((where_).field_);                           \
> |       |                 ^~~~~~~~~~~
> | ../../sources/strace-6.17/src/listmount.c:41:17: note: in expansion of macro 'PRINT_FIELD_X'
> |    41 |                 PRINT_FIELD_X(req, spare);
> |       |                 ^~~~~~~~~~~~~
> | ../../sources/strace-6.17/src/print_fields.h:384:37: error: 'struct mnt_id_req' has no member named 'spare'
> |   384 |                 PRINT_VAL_X((where_).field_);                           \
> |       |                                     ^
> ...

I didn't see that, but our strace in OEcore must be just a bit out of date.

I'm off for the next week, but if I have time during the evenings, I'll fix
this up. Otherwise, it will be top of my list when I return.

Bruce

>
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/4/builds/2904
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/19/builds/2895
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/22/builds/2922
> https://autobuilder.yoctoproject.org/valkyrie/#/builders/60/builds/2891
>
> Thanks,
> Mathieu
>
> --
> Mathieu Dubois-Briand, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
>


-- 
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II