Hello Mikko, Thank you for the link to linux_kernel_cves, it will be very helpful.
For the target version, since yocto allow building image for kernel version 6.1 and 5.15, we preferred to only add to the ignored list CVE patched in both this versions to avoid adding false negatives. Concerning the CVE listed in your mail, the first two are still under analysis on NVD site and therefore do not appear (yocto tools use NVD database to get CVE information). For the last one, the patch was not yet back ported when I did the analysis. Regards, Geoffrey GIRY SMILE ECS - R&D Engineer
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#177965): https://lists.openembedded.org/g/openembedded-core/message/177965 Mute This Topic: https://lists.openembedded.org/mt/97263529/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
