more trivy

anthony-nhs · anthony-nhs · commit 66ec9fd76295 · 2026-03-16T18:11:34.000Z
diff --git a/src/common/.trivyignore.yaml b/src/common/.trivyignore.yaml
@@ -392,3 +392,43 @@ vulnerabilities:
     purls:
       - "pkg:golang/go.opentelemetry.io/otel/sdk@v1.38.0"
     expired_at: 2026-09-16
+  - id: CVE-2024-35870
+    statement: "kernel: smb: client: fix UAF in smb2_reconnect_server()"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-173.183?arch=arm64&distro=ubuntu-22.04"
+    expired_at: 2026-09-16
+  - id: CVE-2024-53179
+    statement: "kernel: smb: client: fix use-after-free of signing key"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-173.183?arch=arm64&distro=ubuntu-22.04"
+    expired_at: 2026-09-16
+  - id: CVE-2025-37899
+    statement: "kernel: ksmbd: fix use-after-free in session logoff"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-173.183?arch=arm64&distro=ubuntu-22.04"
+    expired_at: 2026-09-16
+  - id: CVE-2025-38118
+    statement: "kernel: Linux kernel: Bluetooth MGMT use-after-free vulnerability allows privilege escalation"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-173.183?arch=arm64&distro=ubuntu-22.04"
+    expired_at: 2026-09-16
+  - id: CVE-2024-35870
+    statement: "kernel: smb: client: fix UAF in smb2_reconnect_server()"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-173.183?arch=amd64&distro=ubuntu-22.04"
+    expired_at: 2026-09-16
+  - id: CVE-2024-53179
+    statement: "kernel: smb: client: fix use-after-free of signing key"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-173.183?arch=amd64&distro=ubuntu-22.04"
+    expired_at: 2026-09-16
+  - id: CVE-2025-37899
+    statement: "kernel: ksmbd: fix use-after-free in session logoff"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-173.183?arch=amd64&distro=ubuntu-22.04"
+    expired_at: 2026-09-16
+  - id: CVE-2025-38118
+    statement: "kernel: Linux kernel: Bluetooth MGMT use-after-free vulnerability allows privilege escalation"
+    purls:
+      - "pkg:deb/ubuntu/linux-libc-dev@5.15.0-173.183?arch=amd64&distro=ubuntu-22.04"
+    expired_at: 2026-09-16
