cve-extra-exclusions: linux-yocto: ignore fixed CVE-2023-1652 & CVE-2023-1829

CVE-2023-1652 & CVE-2023-1829 are fixed by all version used by linux-yocto. Fixing commits are not referenced by NVD but are referenced by: * https://www.linuxkernelcves.com * Debian kernel-sec team ... this should be trust worthy enough. (From OE-Core rev: 8f9d6c5b0238641313387c139442566752a1d25d) Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-29 21:08:42 +01:00 · 2023-04-23 20:04:18 +02:00
parent ef577b03d7
commit 8fba302211
1 changed files with 19 additions and 0 deletions
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -494,6 +494,25 @@ CVE_CHECK_IGNORE += "CVE-2023-1281"
 # Backported in version v6.1.13 747ca7c8a0c7bce004709143d1cd6596b79b1deb
 CVE_CHECK_IGNORE += "CVE-2023-1513"

+# https://nvd.nist.gov/vuln/detail/CVE-2023-1652
+# Patched in kernel since v6.2 e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd
+# Backported in version v5.15.91 0a27dcd5343026ac0cb168ee63304255372b7a36
+# Backported in version v6.1.9 32d5eb95f8f0e362e37c393310b13b9e95404560
+# Ref: https://www.linuxkernelcves.com/cves/CVE-2023-1652
+# Ref: Debian kernel-sec team: https://salsa.debian.org/kernel-team/kernel-sec/-/blob/1fa77554d4721da54e2df06fa1908a83ba6b1045/retired/CVE-2023-1652
+CVE_CHECK_IGNORE += "CVE-2023-1652"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1829
+# Patched in kernel since v6.3-rc1 8c710f75256bb3cf05ac7b1672c82b92c43f3d28
+# Backported in version v5.4.235 7a6fb69bbcb21e9ce13bdf18c008c268874f0480
+# Backported in version v5.10.173 18c3fa7a7fdbb4d21dafc8a7710ae2c1680930f6
+# Backported in version v5.15.100 7c183dc0af472dec33d2c0786a5e356baa8cad19
+# Backported in version v6.1.18 3abebc503a5148072052c229c6b04b329a420ecd
+# Backported in version v6.2.5 372ae77cf11d11fb118cbe2d37def9dd5f826abd
+# Ref: https://www.linuxkernelcves.com/cves/CVE-2023-1829
+# Ref: Debian kernel-sec team : https://salsa.debian.org/kernel-team/kernel-sec/-/blob/1fa77554d4721da54e2df06fa1908a83ba6b1045/active/CVE-2023-1829
+CVE_CHECK_IGNORE += "CVE-2023-1829"
+
 # https://nvd.nist.gov/vuln/detail/CVE-2023-23005
 # Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b
 # Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee