mirror of
https://git.yoctoproject.org/poky
synced 2026-03-06 15:29:40 +01:00
573c7b54e6
In commit 8a7af09feb the CVE_STATUS was copy from the old data for 6.6 kernel, which had backport information. Correcting status to when the fix was introduced and adding references to the fixes. Fixes: 8a7af09febc28477094de0999ab6321d910811b2 Reported-by: Peter Marko <Peter.Marko@siemens.com> (From OE-Core rev: fc3e32bc4cf79ddce0eb9fa409656de4dc0e00ea) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
158 lines
6.3 KiB
PHP
158 lines
6.3 KiB
PHP
CVE_STATUS[CVE-1999-0656] = "not-applicable-config: specific to ugidd, part of the old user-mode NFS server"
|
|
|
|
CVE_STATUS[CVE-2006-2932] = "not-applicable-platform: specific to RHEL"
|
|
|
|
CVE_STATUS[CVE-2007-2764] = "not-applicable-platform: specific to Sun/Brocade SilkWorm switches"
|
|
|
|
CVE_STATUS[CVE-2007-4998] = "cpe-incorrect: a historic cp bug, no longer an issue as per https://bugzilla.redhat.com/show_bug.cgi?id=356471#c5"
|
|
|
|
CVE_STATUS[CVE-2008-2544] = "disputed: not an issue as per https://bugzilla.redhat.com/show_bug.cgi?id=449089#c22"
|
|
|
|
CVE_STATUS[CVE-2010-0298] = "fixed-version: 2.6.34 (1871c6)"
|
|
|
|
CVE_STATUS[CVE-2014-2648] = "cpe-incorrect: not Linux"
|
|
|
|
CVE_STATUS[CVE-2016-0774] = "ignored: result of incomplete backport"
|
|
|
|
CVE_STATUS[CVE-2016-3695] = "not-applicable-platform: specific to RHEL with securelevel patches"
|
|
|
|
CVE_STATUS[CVE-2016-3699] = "not-applicable-platform: specific to RHEL with securelevel patches"
|
|
|
|
CVE_STATUS[CVE-2017-6264] = "not-applicable-platform: Android specific"
|
|
|
|
CVE_STATUS[CVE-2017-1000377] = "not-applicable-platform: GRSecurity specific"
|
|
|
|
CVE_STATUS[CVE-2018-6559] = "not-applicable-platform: Issue only affects Ubuntu"
|
|
|
|
CVE_STATUS[CVE-2020-11935] = "not-applicable-config: Issue only affects aufs, which is not in linux-yocto"
|
|
|
|
# Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b
|
|
# Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee
|
|
# But, the CVE is disputed:
|
|
CVE_STATUS[CVE-2023-23005] = "disputed: There are no realistic cases \
|
|
in which a user can cause the alloc_memory_type error case to be reached. \
|
|
See: https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2"
|
|
|
|
# Old CVES taken before using new data from kernel CNA
|
|
|
|
CVE_STATUS[CVE-2014-8171] = "fixed-version: Fixed from version 3.12rc1"
|
|
|
|
CVE_STATUS[CVE-2017-1000255] = "fixed-version: Fixed from version 4.14rc5"
|
|
|
|
CVE_STATUS[CVE-2018-10840] = "fixed-version: Fixed from version 4.18rc1"
|
|
|
|
CVE_STATUS[CVE-2018-10876] = "fixed-version: Fixed from version 4.18rc4"
|
|
|
|
CVE_STATUS[CVE-2018-10882] = "fixed-version: Fixed from version 4.18rc4"
|
|
|
|
CVE_STATUS[CVE-2018-10902] = "fixed-version: Fixed from version 4.18rc6"
|
|
|
|
CVE_STATUS[CVE-2018-14625] = "fixed-version: Fixed from version 4.20rc6"
|
|
|
|
CVE_STATUS[CVE-2019-3016] = "fixed-version: Fixed from version 5.6rc1"
|
|
|
|
CVE_STATUS[CVE-2019-3819] = "fixed-version: Fixed from version 5.0rc6"
|
|
|
|
CVE_STATUS[CVE-2019-3887] = "fixed-version: Fixed from version 5.1rc4"
|
|
|
|
CVE_STATUS[CVE-2020-10742] = "fixed-version: Fixed from version 3.16rc1"
|
|
|
|
CVE_STATUS[CVE-2020-16119] = "fixed-version: Fixed from version 5.15rc2"
|
|
|
|
CVE_STATUS[CVE-2020-1749] = "fixed-version: Fixed from version 5.5rc1"
|
|
|
|
CVE_STATUS[CVE-2020-25672] = "fixed-version: Fixed from version 5.12rc7"
|
|
|
|
CVE_STATUS[CVE-2020-27815] = "fixed-version: Fixed from version 5.11rc1"
|
|
|
|
CVE_STATUS[CVE-2020-8834] = "fixed-version: Fixed from version 4.18rc1"
|
|
|
|
CVE_STATUS[CVE-2021-20194] = "fixed-version: Fixed from version 5.10rc1"
|
|
|
|
CVE_STATUS[CVE-2021-20265] = "fixed-version: Fixed from version 4.5rc3"
|
|
|
|
CVE_STATUS[CVE-2021-3564] = "fixed-version: Fixed from version 5.13rc5"
|
|
|
|
CVE_STATUS[CVE-2021-3669] = "fixed-version: Fixed from version 5.15rc1"
|
|
|
|
CVE_STATUS[CVE-2021-3759] = "fixed-version: Fixed from version 5.15rc1"
|
|
|
|
CVE_STATUS[CVE-2021-4218] = "fixed-version: Fixed from version 5.8rc1"
|
|
|
|
CVE_STATUS[CVE-2022-0286] = "fixed-version: Fixed from version 5.14rc2"
|
|
|
|
CVE_STATUS[CVE-2022-1462] = "fixed-version: Fixed from version 5.19rc7"
|
|
|
|
CVE_STATUS[CVE-2022-2308] = "fixed-version: Fixed from version 6.0"
|
|
|
|
CVE_STATUS[CVE-2022-2327] = "fixed-version: Fixed from version 5.12rc1"
|
|
|
|
CVE_STATUS[CVE-2022-2663] = "fixed-version: Fixed from version 6.0rc5"
|
|
|
|
CVE_STATUS[CVE-2022-2785] = "fixed-version: Fixed from version 6.0rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3435] = "fixed-version: Fixed from version 6.1rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3523] = "fixed-version: Fixed from version 6.1rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3534] = "fixed-version: Fixed from version 6.2rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3566] = "fixed-version: Fixed from version 6.1rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3567] = "fixed-version: Fixed from version 6.1rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3619] = "fixed-version: Fixed from version 6.1rc4"
|
|
|
|
CVE_STATUS[CVE-2022-3621] = "fixed-version: Fixed from version 6.1rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3624] = "fixed-version: Fixed from version 6.0rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3629] = "fixed-version: Fixed from version 6.0rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3630] = "fixed-version: Fixed from version 6.0rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3633] = "fixed-version: Fixed from version 6.0rc1"
|
|
|
|
CVE_STATUS[CVE-2022-3636] = "fixed-version: Fixed from version 5.19rc1"
|
|
|
|
CVE_STATUS[CVE-2022-36402] = "fixed-version: Fixed from version 6.5"
|
|
|
|
CVE_STATUS[CVE-2022-3646] = "fixed-version: Fixed from version 6.1rc1"
|
|
|
|
CVE_STATUS[CVE-2022-42895] = "fixed-version: Fixed from version 6.1rc4"
|
|
|
|
CVE_STATUS[CVE-2022-4382] = "fixed-version: Fixed from version 6.2rc5"
|
|
|
|
CVE_STATUS[CVE-2023-1073] = "fixed-version: Fixed from version 6.2rc5"
|
|
|
|
CVE_STATUS[CVE-2023-1074] = "fixed-version: Fixed from version 6.2rc6"
|
|
|
|
CVE_STATUS[CVE-2023-1075] = "fixed-version: Fixed from version 6.2rc7"
|
|
|
|
CVE_STATUS[CVE-2023-1076] = "fixed-version: Fixed from version 6.3rc1"
|
|
|
|
CVE_STATUS[CVE-2023-2898] = "fixed-version: Fixed from version 6.5rc1"
|
|
|
|
CVE_STATUS[CVE-2023-3772] = "fixed-version: Fixed from version 6.5rc7"
|
|
|
|
CVE_STATUS[CVE-2023-3773] = "fixed-version: Fixed from version 6.5rc7"
|
|
|
|
CVE_STATUS[CVE-2023-4155] = "fixed-version: Fixed from version 6.5rc6"
|
|
|
|
CVE_STATUS[CVE-2023-6176] = "fixed-version: Fixed from version 6.6rc2"
|
|
|
|
# Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f98364e926626c678fb4b9004b75cacf92ff0662
|
|
CVE_STATUS[CVE-2023-6270] = "fixed-version: Fixed from 6.9"
|
|
|
|
# Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=567320c46a60a3c39b69aa1df802d753817a3f86
|
|
CVE_STATUS[CVE-2023-6610] = "fixed-version: Fixed from 6.7rc7"
|
|
|
|
#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=65c95f78917ea6fa7ff189a2c19879c4fe161873
|
|
CVE_STATUS[CVE-2023-6679] = "fixed-version: Fixed from 6.7rc6"
|
|
|
|
#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ad25ee36f00172f7d53242dc77c69fff7ced0755
|
|
CVE_STATUS[CVE-2023-7042] = "fixed-version: Fixed from 6.9rc1"
|
|
|
|
#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a
|
|
CVE_STATUS[CVE-2024-0193] = "fixed-version: Fixed from 6.7"
|