[PATCH 0/4] kernel-yocto: -dev and -stable updates

Openembedded Core Discussions
 help / color / mirror / Atom feed

* [PATCH 0/4] kernel-yocto: -dev and -stable updates
@ 2025-07-16 13:48 bruce.ashfield
  2025-07-16 13:48 ` [PATCH 1/4] linux-yocto-dev: bump to v6.16 bruce.ashfield
                   ` (4 more replies)
  0 siblings, 5 replies; 6+ messages in thread
From: bruce.ashfield @ 2025-07-16 13:48 UTC (permalink / raw)
  To: richard.purdie; +Cc: openembedded-core

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Richard,

Here's the next set of kernel updates.

Some things of note:

  - 6.16 is my target refernce kernel for the upcoming release, and as it
    turned out, it took a bit longer to do some porting of features to the
    new base, but everything looks now. Even the -rt branches are updated
    with the latest. So some extra soak time on this -dev kernel is a good
    thing

  - I've also updated my release process to update the CVE tracking for the
    kernel, and you can see that commit here. If something is wrong, let
    me know and I'll fix how I'm doing it.

Cheers,

Bruce


The following changes since commit 853f8bfbb85af4437e35983ca7ab91d111bb9b75:

  dev-manual/start.rst: remove shared PERSISTENT_DIR mentions (2025-07-15 13:57:32 +0100)

are available in the Git repository at:

  https://git.yoctoproject.org/poky-contrib zedd/kernel
  https://git.yoctoproject.org/poky-contrib/log/?h=zedd/kernel

Bruce Ashfield (4):
  linux-yocto-dev: bump to v6.16
  kernel-devsrc/x86: add v6.16+ build requirements
  linux-yocto/6.12: update to v6.12.38
  linux-yocto/6.12: update CVE exclusions (6.12.38)

 .../linux/cve-exclusion_6.12.inc              | 228 +++++++++++++++++-
 meta/recipes-kernel/linux/kernel-devsrc.bb    |   1 +
 meta/recipes-kernel/linux/linux-yocto-dev.bb  |   4 +-
 .../linux/linux-yocto-rt_6.12.bb              |   6 +-
 .../linux/linux-yocto-tiny_6.12.bb            |   6 +-
 meta/recipes-kernel/linux/linux-yocto_6.12.bb |  28 +--
 6 files changed, 247 insertions(+), 26 deletions(-)

-- 
2.39.2



^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH 1/4] linux-yocto-dev: bump to v6.16
  2025-07-16 13:48 [PATCH 0/4] kernel-yocto: -dev and -stable updates bruce.ashfield
@ 2025-07-16 13:48 ` bruce.ashfield
  2025-07-16 13:48 ` [PATCH 2/4] kernel-devsrc/x86: add v6.16+ build requirements bruce.ashfield
                   ` (3 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: bruce.ashfield @ 2025-07-16 13:48 UTC (permalink / raw)
  To: richard.purdie; +Cc: openembedded-core

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta/recipes-kernel/linux/linux-yocto-dev.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-dev.bb b/meta/recipes-kernel/linux/linux-yocto-dev.bb
index 4b1f93a692..a4aa6df256 100644
--- a/meta/recipes-kernel/linux/linux-yocto-dev.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-dev.bb
@@ -14,7 +14,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # provide this .inc to set specific revisions
 include recipes-kernel/linux/linux-yocto-dev-revisions.inc
 
-KBRANCH = "v6.15/standard/base"
+KBRANCH = "v6.16/standard/base"
 KMETA = "kernel-meta"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto-dev.git;branch=${KBRANCH};name=machine;protocol=https \
@@ -28,7 +28,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-dev.git;branch=${KBRANCH};name
 SRCREV_machine ?= '${@oe.utils.conditional("PREFERRED_PROVIDER_virtual/kernel", "linux-yocto-dev", "${AUTOREV}", "29594404d7fe73cd80eaa4ee8c43dcc53970c60e", d)}'
 SRCREV_meta ?= '${@oe.utils.conditional("PREFERRED_PROVIDER_virtual/kernel", "linux-yocto-dev", "${AUTOREV}", "29594404d7fe73cd80eaa4ee8c43dcc53970c60e", d)}'
 
-LINUX_VERSION ?= "6.15"
+LINUX_VERSION ?= "6.16"
 LINUX_VERSION_EXTENSION ?= "-yoctodev-${LINUX_KERNEL_TYPE}"
 PV = "${LINUX_VERSION}+git"
 
-- 
2.39.2



^ permalink raw reply related	[flat|nested] 6+ messages in thread

* [PATCH 2/4] kernel-devsrc/x86: add v6.16+ build requirements
  2025-07-16 13:48 [PATCH 0/4] kernel-yocto: -dev and -stable updates bruce.ashfield
  2025-07-16 13:48 ` [PATCH 1/4] linux-yocto-dev: bump to v6.16 bruce.ashfield
@ 2025-07-16 13:48 ` bruce.ashfield
  2025-07-16 13:48 ` [PATCH 3/4] linux-yocto/6.12: update to v6.12.38 bruce.ashfield
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: bruce.ashfield @ 2025-07-16 13:48 UTC (permalink / raw)
  To: richard.purdie; +Cc: openembedded-core

From: Bruce Ashfield <bruce.ashfield@gmail.com>

We require cpufeaturemasks.awk to create the build components
for x86.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 meta/recipes-kernel/linux/kernel-devsrc.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-kernel/linux/kernel-devsrc.bb b/meta/recipes-kernel/linux/kernel-devsrc.bb
index 3d2eb3929e..0dc9772429 100644
--- a/meta/recipes-kernel/linux/kernel-devsrc.bb
+++ b/meta/recipes-kernel/linux/kernel-devsrc.bb
@@ -294,6 +294,7 @@ do_install() {
             cp -a --parents arch/x86/tools/relocs_common.c $kerneldir/build/
             cp -a --parents arch/x86/tools/relocs.h $kerneldir/build/
             cp -a --parents arch/x86/tools/gen-insn-attr-x86.awk $kerneldir/build/ 2>/dev/null || :
+            cp -a --parents arch/x86/tools/cpufeaturemasks.awk $kerneldir/build/ 2>/dev/null || :
             cp -a --parents arch/x86/purgatory/purgatory.c $kerneldir/build/
 
             # 4.18 + have unified the purgatory files, so we ignore any errors if
-- 
2.39.2



^ permalink raw reply related	[flat|nested] 6+ messages in thread

* [PATCH 3/4] linux-yocto/6.12: update to v6.12.38
  2025-07-16 13:48 [PATCH 0/4] kernel-yocto: -dev and -stable updates bruce.ashfield
  2025-07-16 13:48 ` [PATCH 1/4] linux-yocto-dev: bump to v6.16 bruce.ashfield
  2025-07-16 13:48 ` [PATCH 2/4] kernel-devsrc/x86: add v6.16+ build requirements bruce.ashfield
@ 2025-07-16 13:48 ` bruce.ashfield
  2025-07-16 13:48 ` [PATCH 4/4] linux-yocto/6.12: update CVE exclusions (6.12.38) bruce.ashfield
  2025-07-17 10:07 ` [PATCH 0/4] kernel-yocto: -dev and -stable updates Richard Purdie
  4 siblings, 0 replies; 6+ messages in thread
From: bruce.ashfield @ 2025-07-16 13:48 UTC (permalink / raw)
  To: richard.purdie; +Cc: openembedded-core

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:

    259f4977409c Linux 6.12.38
    faac2abe895d x86/CPU/AMD: Properly check the TSA microcode
    fbad404f04d7 Linux 6.12.37
    0029b3c1320b x86/process: Move the buffer clearing before MONITOR
    331cfdd27429 x86/microcode/AMD: Add TSA microcode SHAs
    d5d66e31fd9a KVM: SVM: Advertise TSA CPUID bits to guests
    7a0395f6607a x86/bugs: Add a Transient Scheduler Attacks mitigation
    0720e436e594 x86/bugs: Rename MDS machinery to something more generic
    4c443046d8c9 mm: userfaultfd: fix race of userfaultfd_move and swap cache
    ead91de35d9c mm/vmalloc: fix data race in show_numa_info()
    679bf9a0ccb8 powerpc/kernel: Fix ppc_save_regs inclusion in build
    c782f98eef14 usb: typec: displayport: Fix potential deadlock
    f65ad436e4bc platform/x86: think-lmi: Fix sysfs group cleanup
    5805edbea588 platform/x86: think-lmi: Fix kobject cleanup
    b11397bf9ade platform/x86: think-lmi: Create ksets consecutively
    f5fe094f35a3 riscv: cpu_ops_sbi: Use static array for boot_data
    d8ca2036f30d powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed
    53892dc68693 iommu/rockchip: prevent iommus dead loop when two masters share one IOMMU
    5f28563f0c68 optee: ffa: fix sleep in atomic context
    ccdc472b4df6 Logitech C-270 even more broken
    4c37963d67fb i2c/designware: Fix an initialization issue
    c745744a8231 dma-buf: fix timeout handling in dma_resv_wait_timeout v2
    631f9de9a7f4 cifs: all initializations for tcon should happen in tcon_info_alloc
    7b02e09fc0ba smb: client: fix readdir returning wrong type with POSIX extensions
    7cb875016032 usb: acpi: fix device link removal
    c68a27bbebbd usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume
    3b1407caac17 usb: dwc3: Abort suspend on soft disconnect failure
    27199ab79079 usb: cdnsp: Fix issue with CV Bad Descriptor test
    b68e355a6132 usb: cdnsp: do not disable slot for disabled slot
    46f758928156 Input: iqs7222 - explicitly define number of external channels
    dbdd2a232019 Input: xpad - support Acer NGR 200 Controller
    195597e0beb3 xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
    8bfd11dae3fb xhci: dbc: Flush queued requests before stopping dbc
    9f3b2e497deb xhci: dbctty: disable ECHO flag by default
    fbebc2254af8 usb: xhci: quirk for data loss in ISOC transfers
    9f7589318928 Revert "usb: xhci: Implement xhci_handshake_check_state() helper"
    8caccd2eac33 usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed
    1a81dfc9d10a NFSv4/flexfiles: Fix handling of NFS level errors in I/O
    5e110e867941 drm/xe: Allow dropping kunit dependency as built-in
    994b0bc2a0e8 drm/xe/bmg: Update Wa_22019338487
    beb89ada5715 IB/mlx5: Fix potential deadlock in MR deregistration
    f6588557023e RDMA/mlx5: Fix cache entry update on dereg error
    f94c422157f3 fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
    cdd9862252a0 module: Provide EXPORT_SYMBOL_GPL_FOR_MODULES() helper
    e036efbe5822 add a string-to-qstr constructor
    42c5a4b47d4a rcu: Return early if callback is not specified
    c40b207cafd0 mtd: spinand: fix memory leak of ECC engine conf
    18ff4ed6a33a ACPICA: Refuse to evaluate a method if arguments are missing
    327997afbb5e wifi: ath6kl: remove WARN on bad firmware input
    1b1026563999 wifi: mac80211: drop invalid source address OCB frames
    3e554f115374 aoe: defer rexmit timer downdev work to workqueue
    7296c938df24 scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()
    3d546c8b1070 regulator: fan53555: add enable_time support and soft-start times
    2ec1cc322a01 ASoC: amd: yc: update quirk data for HP Victus
    39e36a744ec3 powerpc: Fix struct termio related ioctl macros
    19bd7597858d genirq/irq_sim: Initialize work context pointers properly
    c584b9b62c0c platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list
    f8155ee19ddc ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic
    c24c06bd14f2 ata: pata_cs5536: fix build on 32-bit UML
    3ce57d493dd8 ata: libata-acpi: Do not assume 40 wire cable if no devices are enabled
    f42b8e575395 ALSA: sb: Force to disable DMAs once when DMA mode is changed
    c5e0af68c899 ALSA: sb: Don't allow changing the DMA mode during operations
    3f6ce8433a90 drm/msm: Fix another leak in the submit error path
    0eaa495b3d57 drm/msm: Fix a fence leak in submit error path
    c0527f7534c0 scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag
    790ce73721ab sched_ext: Make scx_group_set_weight() always update tg->scx.weight
    7ccaa5fa5d25 drm/amdgpu/mes: add missing locking in helper functions
    238a218d422e arm64: dts: qcom: x1e80100-crd: mark l12b and l15b always-on
    646442758910 drm/amd/display: Add more checks for DSC / HUBP ONO guarantees
    81ebb8d755d9 drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13
    710deaff6aeb drm/i915/dp_mst: Work around Thunderbolt sink disconnect after SINK_COUNT_ESI read
    b47a1f9323c2 drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause
    4f77d8f8a93e drm/simpledrm: Do not upcast in release helpers
    acf9ab15ec97 selinux: change security_compute_sid to return the ssid or tsid on match
    6d0b588614c4 drm/xe/guc: Explicitly exit CT safe mode on unwind
    ff6482fb4589 drm/xe/guc: Dead CT helper
    e595433c6399 drm/xe: Replace double space with single space after comma
    0dadcd17e212 drm/xe: move DPT l2 flush to a more sensible place
    1883a83695fe drm/xe: Allow bo mapping on multiple ggtts
    ce1ef3b64ef7 drm/xe: add interface to request physical alignment for buffer objects
    98e5c71e7e74 drm/xe: Move DSB l2 flush to a more sensible place
    e5f01b2b6771 drm/xe: Fix DSB buffer coherency
    61628111e74f mfd: exynos-lpass: Fix another error handling path in exynos_lpass_probe()
    e0fefe9bc07e netfs: Fix oops in write-retry from mis-resetting the subreq iterator
    c2a952fb41cc remoteproc: k3-r5: Refactor sequential core power up/down operations
    b14a64c1a97f remoteproc: k3-r5: Use devm_rproc_add() helper
    0ea3572c15ad remoteproc: k3-r5: Use devm_ioremap_wc() helper
    e392148f7fa0 remoteproc: k3-r5: Use devm_kcalloc() helper
    f802fb717dfd remoteproc: k3-r5: Add devm action to release reserved memory
    5eec92eb4fe7 remoteproc: k3: Call of_node_put(rmem_np) only once in three functions
    5b6eb04c0552 ubsan: integer-overflow: depend on BROKEN to keep this out of CI
    f3a472b91408 arm64: dts: qcom: sm8650: add the missing l2 cache node
    5a867d09f533 arm64: dts: renesas: white-hawk-single: Improve Ethernet TSN description
    7f0e93324122 arm64: dts: renesas: Factor out White Hawk Single board support
    b9baad894b27 arm64: dts: renesas: Use interrupts-extended for Ethernet PHYs
    d8b92a122aed arm64: dts: qcom: sm8650: Fix domain-idle-state for CPU2
    67b3bb57fa17 arm64: dts: qcom: sm8650: change labels to lower-case
    4265682c29c9 bpf: Do not include stack ptr register in precision backtracking bookkeeping
    c5474a7b04cc bpf: use common instruction history across all states
    be1e0287ac78 hisi_acc_vfio_pci: bugfix the problem of uninstalling driver
    bac4641756c2 hisi_acc_vfio_pci: bugfix cache write-back issue
    ea405fb41449 scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk
    6857cbf0e4b3 scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask
    ae082dbcef5b scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure
    8912b139a8d4 f2fs: zone: fix to calculate first_zoned_segno correctly
    ffbbe11577b7 f2fs: zone: introduce first_zoned_segno in f2fs_sb_info
    58330262213a f2fs: decrease spare area for pinned files for zoned devices
    81fdecac3f2c iommu: ipmmu-vmsa: avoid Wformat-security warning
    7d151bf9bd2b RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug
    7e48e3ddf9e3 wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers
    3fffbb8d33de wifi: ath12k: Handle error cases during extended skb allocation
    316060297e20 wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path
    b77a5ecb3d3b bonding: Mark active offloaded xfrm_states
    b24c3c5b421e ACPI: thermal: Execute _SCP before reading trip points
    0c44a4095803 ACPI: thermal: Fix stale comment regarding trip points
    da45b381aafa ASoC: tas2764: Reinit cache on part reset
    d1f8358c5d35 ASoC: tas2764: Extend driver to SN012776
    9468bcd92d64 gfs2: Don't start unnecessary transactions during log flush
    519aed5bdab7 gfs2: Move gfs2_trans_add_databufs
    a2562bdd35e9 sched/fair: Fixup wake_up_sync() vs DELAYED_DEQUEUE
    3edcabcfc253 sched/fair: Add new cfs_rq.h_nr_runnable
    0cc4721a7182 sched/fair: Rename h_nr_running into h_nr_queued
    2dc82f0d781b btrfs: fix wrong start offset for delalloc space release during mmap write
    5ff2ed0f0aca btrfs: prepare btrfs_page_mkwrite() for large folios
    cde7f9407884 gfs2: deallocate inodes in gfs2_create_inode
    8e753fc3d5fb gfs2: Move GIF_ALLOC_FAILED check out of gfs2_ea_dealloc
    24ae2de15bda gfs2: Move gfs2_dinode_dealloc
    4f66983aeb02 gfs2: Replace GIF_DEFER_DELETE with GLF_DEFER_DELETE
    7df46e6f8847 gfs2: Add GLF_PENDING_REPLY flag
    fbb2d296d4ad gfs2: Decode missing glock flags in tracepoints
    9649fec0f9c2 gfs2: Prevent inode creation race
    af2ce45c2824 gfs2: Rename dinode_demise to evict_behavior
    862ca0b49f1a gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE
    170af4314e4d gfs2: Initialize gl_no_formal_ino earlier
    33b65fcec79e kunit: qemu_configs: Disable faulting tests on 32-bit SPARC
    b70cda91569a kunit: qemu_configs: sparc: Explicitly enable CONFIG_SPARC32=y
    a55f301e607c kunit: qemu_configs: sparc: use Zilog console
    8a039506c032 crypto: zynqmp-sha - Add locking
    d78f79a2c1ff spinlock: extend guard with spinlock_bh variants
    9a0b8ef2a91b crypto: iaa - Do not clobber req->base.data
    e23ac0026624 crypto: iaa - Remove dst_null support
    3f4adfc58700 arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma
    2ba9db22d72a smb: client: fix race condition in negotiate timeout by using more precise timing
    4db893a9bf9e amd-xgbe: do not double read link status
    a553afd91f55 net/sched: Always pass notifications when child class becomes empty
    56aebaaa3adc nui: Fix dma_mapping_error() check
    446ac00b86be rose: fix dangling neighbour pointers in rose_rt_device_down()
    16858ab7fd61 enic: fix incorrect MTU comparison in enic_change_mtu()
    6074bff08ac2 amd-xgbe: align CL37 AN sequence as per databook
    f358d949cea2 lib: test_objagg: Set error message in check_expect_hints_stats()
    50c86c094533 netfs: Fix i_size updating
    9b55b7bdb0bb smb: client: set missing retry flag in cifs_writev_callback()
    590eb2574929 smb: client: set missing retry flag in cifs_readv_callback()
    cd8c8c20de3b smb: client: set missing retry flag in smb2_writev_callback()
    3eb39038dca3 igc: disable L1.2 PCI-E link substate to avoid performance issue
    9a36715cd6bc idpf: convert control queue mutex to a spinlock
    018ff57fd79c idpf: return 0 size for RSS key if not supported
    6a17e0d27fbe drm/i915/gsc: mei interrupt top half should be in irq disabled context
    5a7ae7bebdc4 drm/i915/gt: Fix timeline left held on VMA alloc error
    510a6095d754 net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect
    3f6932ef2537 smb: client: fix warning when reconnecting channel
    6a5348dbd745 drm/bridge: aux-hpd-bridge: fix assignment of the of_node
    800a6bde38f9 platform/mellanox: mlxreg-lc: Fix logic error in power state check
    206e2dca0ee5 platform/x86: dell-wmi-sysman: Fix class device unregistration
    8d6b2f704f6e platform/x86: dell-sysman: Directly use firmware_attributes_class
    48edcece52e0 platform/x86: think-lmi: Fix class device unregistration
    1cef9e9e0090 platform/x86: think-lmi: Directly use firmware_attributes_class
    b36faa83285f platform/x86: firmware_attributes_class: Simplify API
    b5c180ec1fbc platform/x86: firmware_attributes_class: Move include linux/device/class.h
    1958bccfa47a platform/x86: hp-bioscfg: Fix class device unregistration
    0386a68f959a platform/x86: hp-bioscfg: Directly use firmware_attributes_class
    5df3b870bc38 platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks
    431e58d56fcb nvmet: fix memory leak of bio integrity
    f0fee863a7cb nvme: Fix incorrect cdw15 value in passthru error logging
    9d4064787d8d drm/i915/selftests: Change mock_request() to return error pointers
    3832ddc2fae8 spi: spi-fsl-dspi: Clear completion counter before initiating transfer
    0a38b1836894 drm/exynos: fimd: Guard display clock control with runtime PM calls
    dbd187e8c18c dpaa2-eth: fix xdp_rxq_info leak
    91a6b86d5845 ethernet: atl1: Add missing DMA mapping error checks and count errors
    735ac80fa913 btrfs: use btrfs_record_snapshot_destroy() during rmdir
    bfd5c9e83d89 btrfs: propagate last_unlink_trans earlier when doing a rmdir
    1728fef7ca37 btrfs: record new subvolume in parent dir earlier to avoid dir logging races
    d6d806004605 btrfs: fix inode lookup error handling during log replay
    401d098f92ea btrfs: fix invalid inode pointer dereferences during log replay
    0502d1127436 btrfs: return a btrfs_inode from read_one_inode()
    56e9882ba22f btrfs: return a btrfs_inode from btrfs_iget_logging()
    7ac790dc2ba0 btrfs: fix iteration of extrefs during log replay
    e4c3176acecf btrfs: fix missing error handling when searching for inode refs during log replay
    381c1c121979 Bluetooth: Prevent unintended pause by checking if advertising is active
    b611a5bf44e2 platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message
    4bbdb8dd35b4 platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1
    bd69049f981d RDMA/mlx5: Fix vport loopback for MPV device
    3d8d401d3333 RDMA/mlx5: Fix CC counters query for MPV
    a33a0c15b762 RDMA/mlx5: Fix HW counters query for non-representor devices
    e4ff9dedeb56 scsi: ufs: core: Fix spelling of a sysfs attribute name
    b1abc5ab47d6 scsi: sd: Fix VPD page 0xb7 length check
    218ae6bfe253 scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu()
    350dae778b63 scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database()
    864a54c1243e NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN
    3c94212b57be nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.
    93fccfa71c66 RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert
    9d2ef890e499 RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling
    f5fe78cfcba1 platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment
    896e0d9337b5 arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename
    31405510a48d firmware: arm_ffa: Replace mutex with rwlock to avoid sleep in atomic context
    2c07fd0eada8 firmware: arm_ffa: Move memory allocation outside the mutex locking
    076fa20b4f57 firmware: arm_ffa: Fix memory leak by freeing notifier callback node
    9ff95ed0371a drm/v3d: Disable interrupts before resetting the GPU
    ca40e57b22a0 mtk-sd: reset host->mrq on prepare_data() error
    3419bc6a7b65 mtk-sd: Prevent memory corruption from DMA map failure
    cfbdcabab2fb mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data
    5581e694d3a1 usb: typec: altmodes/displayport: do not index invalid pin_assignments
    ea20568895c1 Input: cs40l50-vibra - fix potential NULL dereference in cs40l50_upload_owt()
    e4d19e5d71b2 regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods
    dae12bc688b8 iommufd/selftest: Fix iommufd_dirty_tracking with large hugepage sizes
    a99f80c88a97 Bluetooth: MGMT: mesh_send: check instances prior disabling advertising
    44bb1e13b454 Bluetooth: MGMT: set_mesh: update LE scan interval and window
    3672fe9d1ed6 Bluetooth: hci_sync: revert some mesh modifications
    0698a2eb7d89 Bluetooth: HCI: Set extended advertising data synchronously
    50345c93698e mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier
    ec9be081c577 Revert "mmc: sdhci: Disable SD card clock before changing parameters"
    cf7235914dc4 mmc: sdhci: Add a helper function for dump register in dynamic debug mode
    9546118ba789 net: libwx: fix the incorrect display of the queue number
    75705b44e0b9 vsock/vmci: Clear the vmci transport packet properly when initializing it
    e036b72d6a16 net: txgbe: request MISC IRQ in ndo_open
    a54280b0eb99 s390/pci: Do not try re-enabling load/store if device is disabled
    2640c230aac4 s390/pci: Fix stale function handles in error handling
    bc68bc356334 virtio-net: ensure the received length does not exceed allocated size
    892f6ed9a4a3 virtio-net: xsk: rx: fix the frame's length check
    bd6c1932ac9c rtc: cmos: use spin_lock_irqsave in cmos_interrupt
    ee61aec8529e rtc: pcf2127: fix SPI command byte for PCF2131
    669e6c723b32 rtc: pcf2127: add missing semicolon after statement

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/linux-yocto-rt_6.12.bb              |  6 ++--
 .../linux/linux-yocto-tiny_6.12.bb            |  6 ++--
 meta/recipes-kernel/linux/linux-yocto_6.12.bb | 28 +++++++++----------
 3 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
index baa13c866e..42ad0cbef0 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.12.bb
@@ -14,13 +14,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "6f409db4f0082642197240f39b8a58850c8eb884"
-SRCREV_meta ?= "f8cd1607519efd135e4037c84b6e42684b12c5a8"
+SRCREV_machine ?= "2aa940a9e5701e5b4107d0250da79a52e01da34a"
+SRCREV_meta ?= "5db57044962c6155c4e82f06d87e90dfe49a59e6"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https"
 
-LINUX_VERSION ?= "6.12.36"
+LINUX_VERSION ?= "6.12.38"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
index ec2136f035..452e3f0eb2 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.12.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
 # CVE exclusions
 include recipes-kernel/linux/cve-exclusion_6.12.inc
 
-LINUX_VERSION ?= "6.12.36"
+LINUX_VERSION ?= "6.12.38"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_meta ?= "f8cd1607519efd135e4037c84b6e42684b12c5a8"
+SRCREV_machine ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_meta ?= "5db57044962c6155c4e82f06d87e90dfe49a59e6"
 
 PV = "${LINUX_VERSION}+git"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.12.bb b/meta/recipes-kernel/linux/linux-yocto_6.12.bb
index 205c8a3ed5..b9ae0954fa 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.12.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.12.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86.104 ?= "v6.12/standard/base"
 KBRANCH:qemuloongarch64  ?= "v6.12/standard/base"
 KBRANCH:qemumips64 ?= "v6.12/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "511b6848cd392ee9bbc841794a5e905f4db31689"
-SRCREV_machine:qemuarm64 ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_machine:qemuloongarch64 ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_machine:qemumips ?= "afbfb2216d4f16a231b834922a937641864c8931"
-SRCREV_machine:qemuppc ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_machine:qemuriscv64 ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_machine:qemuriscv32 ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_machine:qemux86 ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_machine:qemux86-64 ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_machine:qemumips64 ?= "707ad7179119ed07e5911b61b08b7b11d2c9a352"
-SRCREV_machine ?= "5633e9a98a153afa6b2051b116faef6c5e855bd8"
-SRCREV_meta ?= "f8cd1607519efd135e4037c84b6e42684b12c5a8"
+SRCREV_machine:qemuarm ?= "c2755158bc029faf978e980235471b0f0e864814"
+SRCREV_machine:qemuarm64 ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_machine:qemuloongarch64 ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_machine:qemumips ?= "facf6694c9bdcaa9efb2d46a2c6e8e30fc72cdd3"
+SRCREV_machine:qemuppc ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_machine:qemuriscv64 ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_machine:qemuriscv32 ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_machine:qemux86 ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_machine:qemux86-64 ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_machine:qemumips64 ?= "4ef2a68a188df7f561f5e297c4a3bab7e79e426f"
+SRCREV_machine ?= "fa4b881d24f752a559d8e1f75ed08895ef20b14d"
+SRCREV_meta ?= "5db57044962c6155c4e82f06d87e90dfe49a59e6"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
 # get the <version>/base branch, which is pure upstream -stable, and the same
 # meta SRCREV as the linux-yocto-standard builds. Select your version using the
 # normal PREFERRED_VERSION settings.
 BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "df64e51d4ab83244b6a4eb11eb41f89403611e24"
+SRCREV_machine:class-devupstream ?= "259f4977409c87a980fa2227b7c76a2fe3fb8c2f"
 PN:class-devupstream = "linux-yocto-upstream"
 KBRANCH:class-devupstream = "v6.12/base"
 
@@ -44,7 +44,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.12;destsuffix=${KMETA};protocol=https"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.12.36"
+LINUX_VERSION ?= "6.12.38"
 
 PV = "${LINUX_VERSION}+git"
 
-- 
2.39.2



^ permalink raw reply related	[flat|nested] 6+ messages in thread

* [PATCH 4/4] linux-yocto/6.12: update CVE exclusions (6.12.38)
  2025-07-16 13:48 [PATCH 0/4] kernel-yocto: -dev and -stable updates bruce.ashfield
                   ` (2 preceding siblings ...)
  2025-07-16 13:48 ` [PATCH 3/4] linux-yocto/6.12: update to v6.12.38 bruce.ashfield
@ 2025-07-16 13:48 ` bruce.ashfield
  2025-07-17 10:07 ` [PATCH 0/4] kernel-yocto: -dev and -stable updates Richard Purdie
  4 siblings, 0 replies; 6+ messages in thread
From: bruce.ashfield @ 2025-07-16 13:48 UTC (permalink / raw)
  To: richard.purdie; +Cc: openembedded-core

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.12.inc              | 228 +++++++++++++++++-
 1 file changed, 224 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index 98e90078d4..02931bbf79 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-07-09 07:57:09.220247+00:00 for kernel version 6.12.36
-# From cvelistV5 cve_2025-07-09_0700Z-1-gca2b12e7c08
+# Generated at 2025-07-15 14:54:42.649263+00:00 for kernel version 6.12.38
+# From linux_kernel_cves cve_2025-07-15_1400Z-4-gc77733e1fe6
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.12.36"
+    this_version = "6.12.38"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -13816,7 +13816,7 @@ CVE_STATUS[CVE-2025-38136] = "cpe-stable-backport: Backported in 6.12.34"
 
 CVE_STATUS[CVE-2025-38138] = "cpe-stable-backport: Backported in 6.12.34"
 
-# CVE-2025-38139 needs backporting (fixed from 6.16rc1)
+CVE_STATUS[CVE-2025-38139] = "cpe-stable-backport: Backported in 6.12.37"
 
 # CVE-2025-38140 needs backporting (fixed from 6.16rc1)
 
@@ -14014,8 +14014,228 @@ CVE_STATUS[CVE-2025-38236] = "cpe-stable-backport: Backported in 6.12.36"
 
 # CVE-2025-38237 needs backporting (fixed from 6.16rc1)
 
+CVE_STATUS[CVE-2025-38238] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38239] = "cpe-stable-backport: Backported in 6.12.36"
+
 CVE_STATUS[CVE-2025-38240] = "cpe-stable-backport: Backported in 6.12.23"
 
+CVE_STATUS[CVE-2025-38241] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38242] = "cpe-stable-backport: Backported in 6.12.37"
+
+CVE_STATUS[CVE-2025-38243] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38244] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38245] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38246] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38247] = "fixed-version: only affects 6.15 onwards"
+
+# CVE-2025-38248 needs backporting (fixed from 6.16rc4)
+
+CVE_STATUS[CVE-2025-38249] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38250] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38251] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38252] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38253] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38254] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-38255] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38256] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38257] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38258] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38259] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38260] = "cpe-stable-backport: Backported in 6.12.36"
+
+# CVE-2025-38261 needs backporting (fixed from 6.16rc1)
+
+CVE_STATUS[CVE-2025-38262] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38263] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38264] = "cpe-stable-backport: Backported in 6.12.36"
+
+CVE_STATUS[CVE-2025-38265] = "cpe-stable-backport: Backported in 6.12.33"
+
+CVE_STATUS[CVE-2025-38266] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38267] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38268] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38269] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38270] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38271] = "fixed-version: only affects 6.15 onwards"
+
+# CVE-2025-38272 needs backporting (fixed from 6.16rc1)
+
+CVE_STATUS[CVE-2025-38273] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38274] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38275] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38276] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38277] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38278] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38279] = "cpe-stable-backport: Backported in 6.12.37"
+
+CVE_STATUS[CVE-2025-38280] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38281] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38282] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38283] = "cpe-stable-backport: Backported in 6.12.34"
+
+# CVE-2025-38284 needs backporting (fixed from 6.16rc1)
+
+CVE_STATUS[CVE-2025-38285] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38286] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38287] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-38288] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38289] = "cpe-stable-backport: Backported in 6.12.37"
+
+CVE_STATUS[CVE-2025-38290] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38291] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-38292] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38293] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38294] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38295] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38296] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38297] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38298] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38299] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38300] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38301] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38302] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38303] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38304] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38305] = "cpe-stable-backport: Backported in 6.12.34"
+
+# CVE-2025-38306 needs backporting (fixed from 6.16rc1)
+
+CVE_STATUS[CVE-2025-38307] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38308] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38309] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38310] = "cpe-stable-backport: Backported in 6.12.34"
+
+# CVE-2025-38311 needs backporting (fixed from 6.16rc1)
+
+CVE_STATUS[CVE-2025-38312] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38313] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38314] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-38315] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38316] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38317] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38318] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38319] = "cpe-stable-backport: Backported in 6.12.34"
+
+CVE_STATUS[CVE-2025-38320] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38321] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38322] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38323] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38324] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38325] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38326] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38327] = "fixed-version: only affects 6.15 onwards"
+
+CVE_STATUS[CVE-2025-38328] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38329] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38330] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38331] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38332] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38333] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38334] = "cpe-stable-backport: Backported in 6.12.35"
+
+# CVE-2025-38335 needs backporting (fixed from 6.16rc1)
+
+CVE_STATUS[CVE-2025-38336] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38337] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38338] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38339] = "fixed-version: only affects 6.13 onwards"
+
+CVE_STATUS[CVE-2025-38340] = "fixed-version: only affects 6.14 onwards"
+
+CVE_STATUS[CVE-2025-38341] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38342] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38343] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38344] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38345] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38346] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38347] = "cpe-stable-backport: Backported in 6.12.35"
+
+CVE_STATUS[CVE-2025-38348] = "cpe-stable-backport: Backported in 6.12.35"
+
 CVE_STATUS[CVE-2025-38479] = "cpe-stable-backport: Backported in 6.12.23"
 
 CVE_STATUS[CVE-2025-38575] = "cpe-stable-backport: Backported in 6.12.23"
-- 
2.39.2



^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH 0/4] kernel-yocto: -dev and -stable updates
  2025-07-16 13:48 [PATCH 0/4] kernel-yocto: -dev and -stable updates bruce.ashfield
                   ` (3 preceding siblings ...)
  2025-07-16 13:48 ` [PATCH 4/4] linux-yocto/6.12: update CVE exclusions (6.12.38) bruce.ashfield
@ 2025-07-17 10:07 ` Richard Purdie
  4 siblings, 0 replies; 6+ messages in thread
From: Richard Purdie @ 2025-07-17 10:07 UTC (permalink / raw)
  To: bruce.ashfield; +Cc: openembedded-core

On Wed, 2025-07-16 at 09:48 -0400, bruce.ashfield@gmail.com wrote:
> Here's the next set of kernel updates.
> 
> Some things of note:
> 
>   - 6.16 is my target refernce kernel for the upcoming release, and as it
>     turned out, it took a bit longer to do some porting of features to the
>     new base, but everything looks now. Even the -rt branches are updated
>     with the latest. So some extra soak time on this -dev kernel is a good
>     thing

Sounds good to me.

> 
>   - I've also updated my release process to update the CVE tracking for the
>     kernel, and you can see that commit here. If something is wrong, let
>     me know and I'll fix how I'm doing it.

The name of the repo changed in the comment but I don't think it
matters and I'm happy to see the update, thanks!

I tested them on the autobuilder overnight and merged this morning.

Cheers,

Richard


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2025-07-17 10:07 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-16 13:48 [PATCH 0/4] kernel-yocto: -dev and -stable updates bruce.ashfield
2025-07-16 13:48 ` [PATCH 1/4] linux-yocto-dev: bump to v6.16 bruce.ashfield
2025-07-16 13:48 ` [PATCH 2/4] kernel-devsrc/x86: add v6.16+ build requirements bruce.ashfield
2025-07-16 13:48 ` [PATCH 3/4] linux-yocto/6.12: update to v6.12.38 bruce.ashfield
2025-07-16 13:48 ` [PATCH 4/4] linux-yocto/6.12: update CVE exclusions (6.12.38) bruce.ashfield
2025-07-17 10:07 ` [PATCH 0/4] kernel-yocto: -dev and -stable updates Richard Purdie

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox