linux-yocto/6.12: update CVE exclusions (6.12.40)

Data pulled from: https://github.com/CVEProject/cvelistV5 1/1 [ Author: cvelistV5 Github Action Email: github_action@example.com Subject: 4 changes (1 new | 3 updated): - 1 new CVEs: CVE-2025-8126 - 3 updated CVEs: CVE-2025-31952, CVE-2025-31953, CVE-2025-31955 Date: Fri, 25 Jul 2025 02:18:30 +0000 ] (From OE-Core rev: 3dfad0c48a5b60bc9dd7c96c07ed914b020c463e) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e504bd7a9e908be0937d6fc9f6b9699b0acdc2aa) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-01-01 13:58:04 +00:00 · 2025-08-13 16:49:18 -04:00 · 2025-08-13 16:49:18 -04:00 · bc47b236c4
commit bc47b236c4
parent 487e8c7de1
1 changed files with 10 additions and 4 deletions
--- a/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.12.inc
@ -1,12 +1,12 @@

 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2025-07-18 14:17:49.367230+00:00 for kernel version 6.12.39
-# From linux_kernel_cves cve_2025-07-18_1400Z
+# Generated at 2025-07-25 02:49:32.259439+00:00 for kernel version 6.12.40
+# From linux_kernel_cves cve_2025-07-25_0100Z-1-g854b2f05e2c



 python check_kernel_cve_status_version() {
-    this_version = "6.12.39"
+    this_version = "6.12.40"
    kernel_version = d.getVar("LINUX_VERSION")
    if kernel_version != this_version:
        bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@ -12939,7 +12939,7 @@ CVE_STATUS[CVE-2025-22112] = "cpe-stable-backport: Backported in 6.12.35"

 CVE_STATUS[CVE-2025-22114] = "fixed-version: only affects 6.14 onwards"

-# CVE-2025-22115 needs backporting (fixed from 6.15)
+CVE_STATUS[CVE-2025-22115] = "cpe-stable-backport: Backported in 6.12.40"

 # CVE-2025-22116 needs backporting (fixed from 6.15)

@ -14237,6 +14237,12 @@ CVE_STATUS[CVE-2025-38348] = "cpe-stable-backport: Backported in 6.12.35"

 CVE_STATUS[CVE-2025-38349] = "cpe-stable-backport: Backported in 6.12.39"

+CVE_STATUS[CVE-2025-38350] = "cpe-stable-backport: Backported in 6.12.37"
+
+# CVE-2025-38351 needs backporting (fixed from 6.16rc6)
+
+CVE_STATUS[CVE-2025-38352] = "cpe-stable-backport: Backported in 6.12.34"
+
 CVE_STATUS[CVE-2025-38479] = "cpe-stable-backport: Backported in 6.12.23"

 CVE_STATUS[CVE-2025-38575] = "cpe-stable-backport: Backported in 6.12.23"