mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-20 08:29:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ddf3b3ecd4b1680dc0dedfd4eaebcf3441b14ca7
poky/meta/recipes-kernel/linux/cve-exclusion.inc
Ross Burton b0152a3464 linux-yocto: extract generic kernel CVE_STATUS 
Some of the CVE_STATUS assignments are not specific to the version, so
move them to an unversioned file and include it in the recipes.

For example: some CVEs are disputed, or are specific to other
distributions.

(From OE-Core rev: d8656d9d4dfcaef6b492f5bf4cb003f16d7a3a4b)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-08-09 21:48:11 +01:00

11 lines
566 B
PHP
Raw Blame History

CVE_STATUS[CVE-2018-6559] = "not-applicable-platform: Issue only affects Ubuntu"
CVE_STATUS[CVE-2020-11935] = "not-applicable-config: Issue only affects aufs, which is not in linux-yocto"
# Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b
# Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee
# But, the CVE is disputed:
CVE_STATUS[CVE-2023-23005] = "disputed: There are no realistic cases \
in which a user can cause the alloc_memory_type error case to be reached. \
See: https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2"
Reference in New Issue View Git Blame Copy Permalink