summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNiko Mauno <niko.mauno@vaisala.com>2025-05-26 09:29:27 +0000
committerSteve Sakoman <steve@sakoman.com>2025-07-04 07:50:17 -0700
commit1b038ff8ed3b49b838c526ede8a7ce5fe9eb9ffd (patch)
treeb918e678c034f8d03a619884f7c891c55c8c8bea
parentde625a3c0f011ccba0fcf6d6722249063b83f384 (diff)
downloadpoky-1b038ff8ed3b49b838c526ede8a7ce5fe9eb9ffd.tar.gz
linux: cve-exclusions: Amend terminology
Replace the term 'needs backporting' with 'may need backporting' in generate-cve-exclusions.py when the checked kernel version may or may not be in the vulnerable version range, thus making backporting necessary only in the former case. In tandem we regenerate the content of cve-exclusion_6.12.inc using https://github.com/CVEProject/cvelistV5.git repository main branch at git hash b20d0043711588b6409ae3118bc0510ab888c316 to keep the content in sync with the script. (From OE-Core rev: f0d7546d7d67ed0244f1428a18850e700c678235) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit feb80e6be16f27611a018d0ef7841cbb466c47d1) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat
-rw-r--r--meta/recipes-kernel/linux/cve-exclusion_6.12.inc142
-rwxr-xr-xmeta/recipes-kernel/linux/generate-cve-exclusions.py2
2 files changed, 72 insertions, 72 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
index c03ad19a3d..120b1b5ef7 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@@ -1,6 +1,6 @@
1 1
2# Auto-generated CVE metadata, DO NOT EDIT BY HAND. 2# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
3# Generated at 2025-05-24 12:02:58.590640+00:00 for version 6.12.27 3# Generated at 2025-05-24 12:18:11.126849+00:00 for version 6.12.27
4 4
5python check_kernel_cve_status_version() { 5python check_kernel_cve_status_version() {
6 this_version = "6.12.27" 6 this_version = "6.12.27"
@@ -12356,7 +12356,7 @@ CVE_STATUS[CVE-2025-22100] = "fixed-version: only affects 6.13 onwards"
12356 12356
12357# CVE-2025-22101 needs backporting (fixed from 6.15rc1) 12357# CVE-2025-22101 needs backporting (fixed from 6.15rc1)
12358 12358
12359# CVE-2025-22102 needs backporting (fixed from 6.12.30) 12359# CVE-2025-22102 may need backporting (fixed from 6.12.30)
12360 12360
12361# CVE-2025-22103 needs backporting (fixed from 6.15rc1) 12361# CVE-2025-22103 needs backporting (fixed from 6.15rc1)
12362 12362
@@ -12640,7 +12640,7 @@ CVE_STATUS[CVE-2025-37819] = "cpe-stable-backport: Backported in 6.12.26"
12640 12640
12641CVE_STATUS[CVE-2025-37820] = "cpe-stable-backport: Backported in 6.12.26" 12641CVE_STATUS[CVE-2025-37820] = "cpe-stable-backport: Backported in 6.12.26"
12642 12642
12643# CVE-2025-37821 needs backporting (fixed from 6.12.29) 12643# CVE-2025-37821 may need backporting (fixed from 6.12.29)
12644 12644
12645CVE_STATUS[CVE-2025-37822] = "cpe-stable-backport: Backported in 6.12.26" 12645CVE_STATUS[CVE-2025-37822] = "cpe-stable-backport: Backported in 6.12.26"
12646 12646
@@ -12776,99 +12776,99 @@ CVE_STATUS[CVE-2025-37888] = "cpe-stable-backport: Backported in 6.12.26"
12776 12776
12777CVE_STATUS[CVE-2025-37889] = "cpe-stable-backport: Backported in 6.12.20" 12777CVE_STATUS[CVE-2025-37889] = "cpe-stable-backport: Backported in 6.12.20"
12778 12778
12779# CVE-2025-37890 needs backporting (fixed from 6.12.28) 12779# CVE-2025-37890 may need backporting (fixed from 6.12.28)
12780 12780
12781# CVE-2025-37891 needs backporting (fixed from 6.12.28) 12781# CVE-2025-37891 may need backporting (fixed from 6.12.28)
12782 12782
12783CVE_STATUS[CVE-2025-37892] = "cpe-stable-backport: Backported in 6.12.24" 12783CVE_STATUS[CVE-2025-37892] = "cpe-stable-backport: Backported in 6.12.24"
12784 12784
12785CVE_STATUS[CVE-2025-37893] = "cpe-stable-backport: Backported in 6.12.23" 12785CVE_STATUS[CVE-2025-37893] = "cpe-stable-backport: Backported in 6.12.23"
12786 12786
12787# CVE-2025-37894 needs backporting (fixed from 6.12.28) 12787# CVE-2025-37894 may need backporting (fixed from 6.12.28)
12788 12788
12789# CVE-2025-37895 needs backporting (fixed from 6.12.28) 12789# CVE-2025-37895 may need backporting (fixed from 6.12.28)
12790 12790
12791CVE_STATUS[CVE-2025-37896] = "fixed-version: only affects 6.14 onwards" 12791CVE_STATUS[CVE-2025-37896] = "fixed-version: only affects 6.14 onwards"
12792 12792
12793# CVE-2025-37897 needs backporting (fixed from 6.12.28) 12793# CVE-2025-37897 may need backporting (fixed from 6.12.28)
12794 12794
12795CVE_STATUS[CVE-2025-37898] = "fixed-version: only affects 6.13 onwards" 12795CVE_STATUS[CVE-2025-37898] = "fixed-version: only affects 6.13 onwards"
12796 12796
12797# CVE-2025-37899 needs backporting (fixed from 6.12.28) 12797# CVE-2025-37899 may need backporting (fixed from 6.12.28)
12798 12798
12799# CVE-2025-37900 needs backporting (fixed from 6.12.28) 12799# CVE-2025-37900 may need backporting (fixed from 6.12.28)
12800 12800
12801# CVE-2025-37901 needs backporting (fixed from 6.12.28) 12801# CVE-2025-37901 may need backporting (fixed from 6.12.28)
12802 12802
12803CVE_STATUS[CVE-2025-37902] = "fixed-version: only affects 6.15rc5 onwards" 12803CVE_STATUS[CVE-2025-37902] = "fixed-version: only affects 6.15rc5 onwards"
12804 12804
12805# CVE-2025-37903 needs backporting (fixed from 6.12.28) 12805# CVE-2025-37903 may need backporting (fixed from 6.12.28)
12806 12806
12807CVE_STATUS[CVE-2025-37904] = "fixed-version: only affects 6.13 onwards" 12807CVE_STATUS[CVE-2025-37904] = "fixed-version: only affects 6.13 onwards"
12808 12808
12809# CVE-2025-37905 needs backporting (fixed from 6.12.28) 12809# CVE-2025-37905 may need backporting (fixed from 6.12.28)
12810 12810
12811# CVE-2025-37906 needs backporting (fixed from 6.15rc4) 12811# CVE-2025-37906 needs backporting (fixed from 6.15rc4)
12812 12812
12813# CVE-2025-37907 needs backporting (fixed from 6.12.28) 12813# CVE-2025-37907 may need backporting (fixed from 6.12.28)
12814 12814
12815# CVE-2025-37908 needs backporting (fixed from 6.12.28) 12815# CVE-2025-37908 may need backporting (fixed from 6.12.28)
12816 12816
12817# CVE-2025-37909 needs backporting (fixed from 6.12.28) 12817# CVE-2025-37909 may need backporting (fixed from 6.12.28)
12818 12818
12819# CVE-2025-37910 needs backporting (fixed from 6.12.28) 12819# CVE-2025-37910 may need backporting (fixed from 6.12.28)
12820 12820
12821# CVE-2025-37911 needs backporting (fixed from 6.12.28) 12821# CVE-2025-37911 may need backporting (fixed from 6.12.28)
12822 12822
12823# CVE-2025-37912 needs backporting (fixed from 6.12.28) 12823# CVE-2025-37912 may need backporting (fixed from 6.12.28)
12824 12824
12825# CVE-2025-37913 needs backporting (fixed from 6.12.28) 12825# CVE-2025-37913 may need backporting (fixed from 6.12.28)
12826 12826
12827# CVE-2025-37914 needs backporting (fixed from 6.12.28) 12827# CVE-2025-37914 may need backporting (fixed from 6.12.28)
12828 12828
12829# CVE-2025-37915 needs backporting (fixed from 6.12.28) 12829# CVE-2025-37915 may need backporting (fixed from 6.12.28)
12830 12830
12831# CVE-2025-37916 needs backporting (fixed from 6.12.28) 12831# CVE-2025-37916 may need backporting (fixed from 6.12.28)
12832 12832
12833# CVE-2025-37917 needs backporting (fixed from 6.12.28) 12833# CVE-2025-37917 may need backporting (fixed from 6.12.28)
12834 12834
12835# CVE-2025-37918 needs backporting (fixed from 6.12.28) 12835# CVE-2025-37918 may need backporting (fixed from 6.12.28)
12836 12836
12837# CVE-2025-37919 needs backporting (fixed from 6.12.28) 12837# CVE-2025-37919 may need backporting (fixed from 6.12.28)
12838 12838
12839# CVE-2025-37920 needs backporting (fixed from 6.12.28) 12839# CVE-2025-37920 may need backporting (fixed from 6.12.28)
12840 12840
12841# CVE-2025-37921 needs backporting (fixed from 6.12.28) 12841# CVE-2025-37921 may need backporting (fixed from 6.12.28)
12842 12842
12843# CVE-2025-37922 needs backporting (fixed from 6.12.28) 12843# CVE-2025-37922 may need backporting (fixed from 6.12.28)
12844 12844
12845# CVE-2025-37923 needs backporting (fixed from 6.12.28) 12845# CVE-2025-37923 may need backporting (fixed from 6.12.28)
12846 12846
12847# CVE-2025-37924 needs backporting (fixed from 6.12.28) 12847# CVE-2025-37924 may need backporting (fixed from 6.12.28)
12848 12848
12849# CVE-2025-37925 needs backporting (fixed from 6.15rc1) 12849# CVE-2025-37925 needs backporting (fixed from 6.15rc1)
12850 12850
12851# CVE-2025-37926 needs backporting (fixed from 6.12.28) 12851# CVE-2025-37926 may need backporting (fixed from 6.12.28)
12852 12852
12853# CVE-2025-37927 needs backporting (fixed from 6.12.28) 12853# CVE-2025-37927 may need backporting (fixed from 6.12.28)
12854 12854
12855# CVE-2025-37928 needs backporting (fixed from 6.12.28) 12855# CVE-2025-37928 may need backporting (fixed from 6.12.28)
12856 12856
12857# CVE-2025-37929 needs backporting (fixed from 6.12.28) 12857# CVE-2025-37929 may need backporting (fixed from 6.12.28)
12858 12858
12859# CVE-2025-37930 needs backporting (fixed from 6.12.28) 12859# CVE-2025-37930 may need backporting (fixed from 6.12.28)
12860 12860
12861# CVE-2025-37931 needs backporting (fixed from 6.12.28) 12861# CVE-2025-37931 may need backporting (fixed from 6.12.28)
12862 12862
12863# CVE-2025-37932 needs backporting (fixed from 6.12.28) 12863# CVE-2025-37932 may need backporting (fixed from 6.12.28)
12864 12864
12865# CVE-2025-37933 needs backporting (fixed from 6.12.28) 12865# CVE-2025-37933 may need backporting (fixed from 6.12.28)
12866 12866
12867# CVE-2025-37934 needs backporting (fixed from 6.12.28) 12867# CVE-2025-37934 may need backporting (fixed from 6.12.28)
12868 12868
12869# CVE-2025-37935 needs backporting (fixed from 6.12.28) 12869# CVE-2025-37935 may need backporting (fixed from 6.12.28)
12870 12870
12871# CVE-2025-37936 needs backporting (fixed from 6.12.28) 12871# CVE-2025-37936 may need backporting (fixed from 6.12.28)
12872 12872
12873CVE_STATUS[CVE-2025-37937] = "cpe-stable-backport: Backported in 6.12.23" 12873CVE_STATUS[CVE-2025-37937] = "cpe-stable-backport: Backported in 6.12.23"
12874 12874
@@ -12888,63 +12888,63 @@ CVE_STATUS[CVE-2025-37944] = "cpe-stable-backport: Backported in 6.12.25"
12888 12888
12889CVE_STATUS[CVE-2025-37945] = "cpe-stable-backport: Backported in 6.12.24" 12889CVE_STATUS[CVE-2025-37945] = "cpe-stable-backport: Backported in 6.12.24"
12890 12890
12891# CVE-2025-37946 needs backporting (fixed from 6.12.29) 12891# CVE-2025-37946 may need backporting (fixed from 6.12.29)
12892 12892
12893# CVE-2025-37947 needs backporting (fixed from 6.12.29) 12893# CVE-2025-37947 may need backporting (fixed from 6.12.29)
12894 12894
12895# CVE-2025-37948 needs backporting (fixed from 6.12.29) 12895# CVE-2025-37948 may need backporting (fixed from 6.12.29)
12896 12896
12897# CVE-2025-37949 needs backporting (fixed from 6.12.29) 12897# CVE-2025-37949 may need backporting (fixed from 6.12.29)
12898 12898
12899CVE_STATUS[CVE-2025-37950] = "fixed-version: only affects 6.14 onwards" 12899CVE_STATUS[CVE-2025-37950] = "fixed-version: only affects 6.14 onwards"
12900 12900
12901# CVE-2025-37951 needs backporting (fixed from 6.12.29) 12901# CVE-2025-37951 may need backporting (fixed from 6.12.29)
12902 12902
12903# CVE-2025-37952 needs backporting (fixed from 6.12.29) 12903# CVE-2025-37952 may need backporting (fixed from 6.12.29)
12904 12904
12905# CVE-2025-37953 needs backporting (fixed from 6.12.29) 12905# CVE-2025-37953 may need backporting (fixed from 6.12.29)
12906 12906
12907# CVE-2025-37954 needs backporting (fixed from 6.12.29) 12907# CVE-2025-37954 may need backporting (fixed from 6.12.29)
12908 12908
12909# CVE-2025-37955 needs backporting (fixed from 6.12.29) 12909# CVE-2025-37955 may need backporting (fixed from 6.12.29)
12910 12910
12911# CVE-2025-37956 needs backporting (fixed from 6.12.29) 12911# CVE-2025-37956 may need backporting (fixed from 6.12.29)
12912 12912
12913# CVE-2025-37957 needs backporting (fixed from 6.12.29) 12913# CVE-2025-37957 may need backporting (fixed from 6.12.29)
12914 12914
12915# CVE-2025-37958 needs backporting (fixed from 6.12.29) 12915# CVE-2025-37958 may need backporting (fixed from 6.12.29)
12916 12916
12917# CVE-2025-37959 needs backporting (fixed from 6.12.29) 12917# CVE-2025-37959 may need backporting (fixed from 6.12.29)
12918 12918
12919# CVE-2025-37960 needs backporting (fixed from 6.12.29) 12919# CVE-2025-37960 may need backporting (fixed from 6.12.29)
12920 12920
12921# CVE-2025-37961 needs backporting (fixed from 6.12.29) 12921# CVE-2025-37961 may need backporting (fixed from 6.12.29)
12922 12922
12923# CVE-2025-37962 needs backporting (fixed from 6.12.29) 12923# CVE-2025-37962 may need backporting (fixed from 6.12.29)
12924 12924
12925# CVE-2025-37963 needs backporting (fixed from 6.12.29) 12925# CVE-2025-37963 may need backporting (fixed from 6.12.29)
12926 12926
12927# CVE-2025-37964 needs backporting (fixed from 6.12.29) 12927# CVE-2025-37964 may need backporting (fixed from 6.12.29)
12928 12928
12929# CVE-2025-37965 needs backporting (fixed from 6.12.29) 12929# CVE-2025-37965 may need backporting (fixed from 6.12.29)
12930 12930
12931CVE_STATUS[CVE-2025-37966] = "fixed-version: only affects 6.13 onwards" 12931CVE_STATUS[CVE-2025-37966] = "fixed-version: only affects 6.13 onwards"
12932 12932
12933# CVE-2025-37967 needs backporting (fixed from 6.12.30) 12933# CVE-2025-37967 may need backporting (fixed from 6.12.30)
12934 12934
12935# CVE-2025-37968 needs backporting (fixed from 6.12.30) 12935# CVE-2025-37968 may need backporting (fixed from 6.12.30)
12936 12936
12937# CVE-2025-37969 needs backporting (fixed from 6.12.29) 12937# CVE-2025-37969 may need backporting (fixed from 6.12.29)
12938 12938
12939# CVE-2025-37970 needs backporting (fixed from 6.12.29) 12939# CVE-2025-37970 may need backporting (fixed from 6.12.29)
12940 12940
12941# CVE-2025-37971 needs backporting (fixed from 6.12.29) 12941# CVE-2025-37971 may need backporting (fixed from 6.12.29)
12942 12942
12943# CVE-2025-37972 needs backporting (fixed from 6.12.29) 12943# CVE-2025-37972 may need backporting (fixed from 6.12.29)
12944 12944
12945# CVE-2025-37973 needs backporting (fixed from 6.12.29) 12945# CVE-2025-37973 may need backporting (fixed from 6.12.29)
12946 12946
12947# CVE-2025-37974 needs backporting (fixed from 6.12.29) 12947# CVE-2025-37974 may need backporting (fixed from 6.12.29)
12948 12948
12949CVE_STATUS[CVE-2025-37975] = "cpe-stable-backport: Backported in 6.12.25" 12949CVE_STATUS[CVE-2025-37975] = "cpe-stable-backport: Backported in 6.12.25"
12950 12950
@@ -12976,9 +12976,9 @@ CVE_STATUS[CVE-2025-37988] = "cpe-stable-backport: Backported in 6.12.26"
12976 12976
12977CVE_STATUS[CVE-2025-37989] = "cpe-stable-backport: Backported in 6.12.26" 12977CVE_STATUS[CVE-2025-37989] = "cpe-stable-backport: Backported in 6.12.26"
12978 12978
12979# CVE-2025-37990 needs backporting (fixed from 6.12.28) 12979# CVE-2025-37990 may need backporting (fixed from 6.12.28)
12980 12980
12981# CVE-2025-37991 needs backporting (fixed from 6.12.28) 12981# CVE-2025-37991 may need backporting (fixed from 6.12.28)
12982 12982
12983CVE_STATUS[CVE-2025-38049] = "cpe-stable-backport: Backported in 6.12.23" 12983CVE_STATUS[CVE-2025-38049] = "cpe-stable-backport: Backported in 6.12.23"
12984 12984
diff --git a/meta/recipes-kernel/linux/generate-cve-exclusions.py b/meta/recipes-kernel/linux/generate-cve-exclusions.py
index ea59c15a01..b45c2d5702 100755
--- a/meta/recipes-kernel/linux/generate-cve-exclusions.py
+++ b/meta/recipes-kernel/linux/generate-cve-exclusions.py
@@ -141,7 +141,7 @@ do_cve_check[prefuncs] += "check_kernel_cve_status_version"
141 f'CVE_STATUS[{cve}] = "cpe-stable-backport: Backported in {backport_ver}"' 141 f'CVE_STATUS[{cve}] = "cpe-stable-backport: Backported in {backport_ver}"'
142 ) 142 )
143 else: 143 else:
144 print(f"# {cve} needs backporting (fixed from {backport_ver})") 144 print(f"# {cve} may need backporting (fixed from {backport_ver})")
145 else: 145 else:
146 print(f"# {cve} needs backporting (fixed from {fixed})") 146 print(f"# {cve} needs backporting (fixed from {fixed})")
147 147
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-26 06:14:14 +0000