mirror of
https://git.yoctoproject.org/poky
synced 2026-03-11 17:59:39 +01:00
0dd973297d
Do manual review and disposition these CVEs as appropriate. (From OE-Core rev: a8db0735e228465715cf885d3b889fddfd68efc6) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
23 lines
1.0 KiB
PHP
23 lines
1.0 KiB
PHP
CVE_STATUS[CVE-2014-2648] = "cpe-incorrect: not Linux"
|
|
|
|
CVE_STATUS[CVE-2016-0774] = "ignored: result of incomplete backport"
|
|
|
|
CVE_STATUS[CVE-2016-3695] = "not-applicable-platform: specific to RHEL with securelevel patches"
|
|
|
|
CVE_STATUS[CVE-2016-3699] = "not-applicable-platform: specific to RHEL with securelevel patches"
|
|
|
|
CVE_STATUS[CVE-2017-6264] = "not-applicable-platform: Android specific"
|
|
|
|
CVE_STATUS[CVE-2017-1000377] = "not-applicable-platform: GRSecurity specific"
|
|
|
|
CVE_STATUS[CVE-2018-6559] = "not-applicable-platform: Issue only affects Ubuntu"
|
|
|
|
CVE_STATUS[CVE-2020-11935] = "not-applicable-config: Issue only affects aufs, which is not in linux-yocto"
|
|
|
|
# Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b
|
|
# Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee
|
|
# But, the CVE is disputed:
|
|
CVE_STATUS[CVE-2023-23005] = "disputed: There are no realistic cases \
|
|
in which a user can cause the alloc_memory_type error case to be reached. \
|
|
See: https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2"
|