From 548fbd1b50df613c5c2646c35c4fc948dc2046b4 Mon Sep 17 00:00:00 2001 From: Tad Date: Sun, 29 Oct 2017 16:25:37 -0400 Subject: [PATCH] New patchers --- .../Linux_CVEs-New/CVE-2016-2185/ANY/1.patch | 109 ------------------ .../Linux_CVEs-New/CVE-2016-2186/ANY/1.patch | 38 ------ .../Linux_CVEs-New/CVE-2017-5669/ANY/0.patch | 70 ----------- .../Linux_CVEs-New/CVE-2017-6074/ANY/1.patch | 47 -------- .../android_kernel_amazon_hdx-common.sh | 41 +++++++ .../CVE_Patchers/android_kernel_lge_mako.sh | 5 + .../android_kernel_motorola_msm8992.sh | 85 ++++++++++++++ .../android_kernel_oneplus_msm8974.sh | 18 +++ 8 files changed, 149 insertions(+), 264 deletions(-) delete mode 100644 Patches/Linux_CVEs-New/CVE-2016-2185/ANY/1.patch delete mode 100644 Patches/Linux_CVEs-New/CVE-2016-2186/ANY/1.patch delete mode 100644 Patches/Linux_CVEs-New/CVE-2017-5669/ANY/0.patch delete mode 100644 Patches/Linux_CVEs-New/CVE-2017-6074/ANY/1.patch create mode 100644 Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_amazon_hdx-common.sh create mode 100644 Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_lge_mako.sh create mode 100644 Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh create mode 100644 Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_oneplus_msm8974.sh diff --git a/Patches/Linux_CVEs-New/CVE-2016-2185/ANY/1.patch b/Patches/Linux_CVEs-New/CVE-2016-2185/ANY/1.patch deleted file mode 100644 index 9cf00e3d..00000000 --- a/Patches/Linux_CVEs-New/CVE-2016-2185/ANY/1.patch +++ /dev/null @@ -1,109 +0,0 @@ -From 37735ed2c8c12e9671a3742d6b9028bad43852df Mon Sep 17 00:00:00 2001 -From: Vladis Dronov -Date: Wed, 23 Mar 2016 11:53:46 -0700 -Subject: [PATCH] Input: ati_remote2 - fix crashes on detecting device with - invalid descriptor - -[ Upstream commit 950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d ] - -The ati_remote2 driver expects at least two interfaces with one -endpoint each. If given malicious descriptor that specify one -interface or no endpoints, it will crash in the probe function. -Ensure there is at least two interfaces and one endpoint for each -interface before using it. - -The full disclosure: http://seclists.org/bugtraq/2016/Mar/90 - -Reported-by: Ralf Spenneberg -Signed-off-by: Vladis Dronov -Cc: stable@vger.kernel.org -Signed-off-by: Dmitry Torokhov -Signed-off-by: Sasha Levin ---- - drivers/input/misc/ati_remote2.c | 36 ++++++++++++++++++++++++++++++------ - 1 file changed, 30 insertions(+), 6 deletions(-) - -diff --git a/drivers/input/misc/ati_remote2.c b/drivers/input/misc/ati_remote2.c -index f63341f20b91a..e8c6a4842e91c 100644 ---- a/drivers/input/misc/ati_remote2.c -+++ b/drivers/input/misc/ati_remote2.c -@@ -817,26 +817,49 @@ static int ati_remote2_probe(struct usb_interface *interface, const struct usb_d - - ar2->udev = udev; - -+ /* Sanity check, first interface must have an endpoint */ -+ if (alt->desc.bNumEndpoints < 1 || !alt->endpoint) { -+ dev_err(&interface->dev, -+ "%s(): interface 0 must have an endpoint\n", __func__); -+ r = -ENODEV; -+ goto fail1; -+ } - ar2->intf[0] = interface; - ar2->ep[0] = &alt->endpoint[0].desc; - -+ /* Sanity check, the device must have two interfaces */ - ar2->intf[1] = usb_ifnum_to_if(udev, 1); -+ if ((udev->actconfig->desc.bNumInterfaces < 2) || !ar2->intf[1]) { -+ dev_err(&interface->dev, "%s(): need 2 interfaces, found %d\n", -+ __func__, udev->actconfig->desc.bNumInterfaces); -+ r = -ENODEV; -+ goto fail1; -+ } -+ - r = usb_driver_claim_interface(&ati_remote2_driver, ar2->intf[1], ar2); - if (r) - goto fail1; -+ -+ /* Sanity check, second interface must have an endpoint */ - alt = ar2->intf[1]->cur_altsetting; -+ if (alt->desc.bNumEndpoints < 1 || !alt->endpoint) { -+ dev_err(&interface->dev, -+ "%s(): interface 1 must have an endpoint\n", __func__); -+ r = -ENODEV; -+ goto fail2; -+ } - ar2->ep[1] = &alt->endpoint[0].desc; - - r = ati_remote2_urb_init(ar2); - if (r) -- goto fail2; -+ goto fail3; - - ar2->channel_mask = channel_mask; - ar2->mode_mask = mode_mask; - - r = ati_remote2_setup(ar2, ar2->channel_mask); - if (r) -- goto fail2; -+ goto fail3; - - usb_make_path(udev, ar2->phys, sizeof(ar2->phys)); - strlcat(ar2->phys, "/input0", sizeof(ar2->phys)); -@@ -845,11 +868,11 @@ static int ati_remote2_probe(struct usb_interface *interface, const struct usb_d - - r = sysfs_create_group(&udev->dev.kobj, &ati_remote2_attr_group); - if (r) -- goto fail2; -+ goto fail3; - - r = ati_remote2_input_init(ar2); - if (r) -- goto fail3; -+ goto fail4; - - usb_set_intfdata(interface, ar2); - -@@ -857,10 +880,11 @@ static int ati_remote2_probe(struct usb_interface *interface, const struct usb_d - - return 0; - -- fail3: -+ fail4: - sysfs_remove_group(&udev->dev.kobj, &ati_remote2_attr_group); -- fail2: -+ fail3: - ati_remote2_urb_cleanup(ar2); -+ fail2: - usb_driver_release_interface(&ati_remote2_driver, ar2->intf[1]); - fail1: - kfree(ar2); diff --git a/Patches/Linux_CVEs-New/CVE-2016-2186/ANY/1.patch b/Patches/Linux_CVEs-New/CVE-2016-2186/ANY/1.patch deleted file mode 100644 index e0bca0ae..00000000 --- a/Patches/Linux_CVEs-New/CVE-2016-2186/ANY/1.patch +++ /dev/null @@ -1,38 +0,0 @@ -From b684cb33d6867e10ba45375a12ef9f3ceb6f0aa7 Mon Sep 17 00:00:00 2001 -From: Josh Boyer -Date: Mon, 14 Mar 2016 09:33:40 -0700 -Subject: [PATCH] Input: powermate - fix oops with malicious USB descriptors - -[ Upstream commit 9c6ba456711687b794dcf285856fc14e2c76074f ] - -The powermate driver expects at least one valid USB endpoint in its -probe function. If given malicious descriptors that specify 0 for -the number of endpoints, it will crash. Validate the number of -endpoints on the interface before using them. - -The full report for this issue can be found here: -http://seclists.org/bugtraq/2016/Mar/85 - -Reported-by: Ralf Spenneberg -Cc: stable -Signed-off-by: Josh Boyer -Signed-off-by: Dmitry Torokhov -Signed-off-by: Sasha Levin ---- - drivers/input/misc/powermate.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/drivers/input/misc/powermate.c b/drivers/input/misc/powermate.c -index 63b539d3dabae..84909a12ff36c 100644 ---- a/drivers/input/misc/powermate.c -+++ b/drivers/input/misc/powermate.c -@@ -307,6 +307,9 @@ static int powermate_probe(struct usb_interface *intf, const struct usb_device_i - int error = -ENOMEM; - - interface = intf->cur_altsetting; -+ if (interface->desc.bNumEndpoints < 1) -+ return -EINVAL; -+ - endpoint = &interface->endpoint[0].desc; - if (!usb_endpoint_is_int_in(endpoint)) - return -EIO; diff --git a/Patches/Linux_CVEs-New/CVE-2017-5669/ANY/0.patch b/Patches/Linux_CVEs-New/CVE-2017-5669/ANY/0.patch deleted file mode 100644 index 6ee31aef..00000000 --- a/Patches/Linux_CVEs-New/CVE-2017-5669/ANY/0.patch +++ /dev/null @@ -1,70 +0,0 @@ -From e1d35d4dc7f089e6c9c080d556feedf9c706f0c7 Mon Sep 17 00:00:00 2001 -From: Davidlohr Bueso -Date: Wed, 8 Feb 2017 10:28:24 +1100 -Subject: [PATCH] ipc/shm: Fix shmat mmap nil-page protection - -The issue is described here, with a nice testcase: - - https://bugzilla.kernel.org/show_bug.cgi?id=192931 - -The problem is that shmat() calls do_mmap_pgoff() with MAP_FIXED, and the -address rounded down to 0. For the regular mmap case, the protection -mentioned above is that the kernel gets to generate the address -- -arch_get_unmapped_area() will always check for MAP_FIXED and return that -address. So by the time we do security_mmap_addr(0) things get funky for -shmat(). - -The testcase itself shows that while a regular user crashes, root will not -have a problem attaching a nil-page. There are two possible fixes to -this. The first, and which this patch does, is to simply allow root to -crash as well -- this is also regular mmap behavior, ie when hacking up -the testcase and adding mmap(... |MAP_FIXED). While this approach is the -safer option, the second alternative is to ignore SHM_RND if the rounded -address is 0, thus only having MAP_SHARED flags. This makes the behavior -of shmat() identical to the mmap() case. The downside of this is -obviously user visible, but does make sense in that it maintains semantics -after the round-down wrt 0 address and mmap. - -Passes shm related ltp tests. - -Link: http://lkml.kernel.org/r/1486050195-18629-1-git-send-email-dave@stgolabs.net -Signed-off-by: Davidlohr Bueso -Reported-by: Gareth Evans -Cc: Manfred Spraul -Cc: Michael Kerrisk -Signed-off-by: Andrew Morton ---- - ipc/shm.c | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/ipc/shm.c b/ipc/shm.c -index d7805acb44fd4..06ea9ef7f54a7 100644 ---- a/ipc/shm.c -+++ b/ipc/shm.c -@@ -1091,8 +1091,8 @@ SYSCALL_DEFINE3(shmctl, int, shmid, int, cmd, struct shmid_ds __user *, buf) - * "raddr" thing points to kernel space, and there has to be a wrapper around - * this. - */ --long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr, -- unsigned long shmlba) -+long do_shmat(int shmid, char __user *shmaddr, int shmflg, -+ ulong *raddr, unsigned long shmlba) - { - struct shmid_kernel *shp; - unsigned long addr; -@@ -1113,8 +1113,13 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr, - goto out; - else if ((addr = (ulong)shmaddr)) { - if (addr & (shmlba - 1)) { -- if (shmflg & SHM_RND) -- addr &= ~(shmlba - 1); /* round down */ -+ /* -+ * Round down to the nearest multiple of shmlba. -+ * For sane do_mmap_pgoff() parameters, avoid -+ * round downs that trigger nil-page and MAP_FIXED. -+ */ -+ if ((shmflg & SHM_RND) && addr >= shmlba) -+ addr &= ~(shmlba - 1); - else - #ifndef __ARCH_FORCE_SHMLBA - if (addr & ~PAGE_MASK) diff --git a/Patches/Linux_CVEs-New/CVE-2017-6074/ANY/1.patch b/Patches/Linux_CVEs-New/CVE-2017-6074/ANY/1.patch deleted file mode 100644 index 79c6a180..00000000 --- a/Patches/Linux_CVEs-New/CVE-2017-6074/ANY/1.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4 Mon Sep 17 00:00:00 2001 -From: Andrey Konovalov -Date: Thu, 16 Feb 2017 17:22:46 +0100 -Subject: dccp: fix freeing skb too early for IPV6_RECVPKTINFO - -In the current DCCP implementation an skb for a DCCP_PKT_REQUEST packet -is forcibly freed via __kfree_skb in dccp_rcv_state_process if -dccp_v6_conn_request successfully returns. - -However, if IPV6_RECVPKTINFO is set on a socket, the address of the skb -is saved to ireq->pktopts and the ref count for skb is incremented in -dccp_v6_conn_request, so skb is still in use. Nevertheless, it gets freed -in dccp_rcv_state_process. - -Fix by calling consume_skb instead of doing goto discard and therefore -calling __kfree_skb. - -Similar fixes for TCP: - -fb7e2399ec17f1004c0e0ccfd17439f8759ede01 [TCP]: skb is unexpectedly freed. -0aea76d35c9651d55bbaf746e7914e5f9ae5a25d tcp: SYN packets are now -simply consumed - -Signed-off-by: Andrey Konovalov -Acked-by: Eric Dumazet -Signed-off-by: David S. Miller ---- - net/dccp/input.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/net/dccp/input.c b/net/dccp/input.c -index ba34718..8fedc2d 100644 ---- a/net/dccp/input.c -+++ b/net/dccp/input.c -@@ -606,7 +606,8 @@ int dccp_rcv_state_process(struct sock *sk, struct sk_buff *skb, - if (inet_csk(sk)->icsk_af_ops->conn_request(sk, - skb) < 0) - return 1; -- goto discard; -+ consume_skb(skb); -+ return 0; - } - if (dh->dccph_type == DCCP_PKT_RESET) - goto discard; --- -cgit v1.1 - diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_amazon_hdx-common.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_amazon_hdx-common.sh new file mode 100644 index 00000000..0712174e --- /dev/null +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_amazon_hdx-common.sh @@ -0,0 +1,41 @@ +#!/bin/bash +cd $base"kernel/amazon/hdx-common" +git apply $cvePatches/CVE-2012-6704/ANY/0.patch +git apply $cvePatches/CVE-2014-1739/ANY/0.patch +git apply $cvePatches/CVE-2014-4656/ANY/0.patch +git apply $cvePatches/CVE-2014-9420/ANY/0.patch +git apply $cvePatches/CVE-2014-9781/ANY/0.patch +git apply $cvePatches/CVE-2014-9876/3.4/1.patch +git apply $cvePatches/CVE-2014-9880/ANY/0.patch +git apply $cvePatches/CVE-2015-1593/ANY/0.patch +git apply $cvePatches/CVE-2016-10230/ANY/0.patch +git apply $cvePatches/CVE-2016-2185/ANY/0.patch +git apply $cvePatches/CVE-2016-2186/ANY/0.patch +git apply $cvePatches/CVE-2016-2488/ANY/0.patch +git apply $cvePatches/CVE-2016-2544/ANY/0.patch +git apply $cvePatches/CVE-2016-3841/3.4/0.patch +git apply $cvePatches/CVE-2016-3893/ANY/0.patch +git apply $cvePatches/CVE-2016-6672/ANY/0.patch +git apply $cvePatches/CVE-2016-6751/ANY/0.patch +git apply $cvePatches/CVE-2016-6753/ANY/0.patch +git apply $cvePatches/CVE-2016-8404/ANY/0.patch +git apply $cvePatches/CVE-2016-8417/ANY/0.patch +git apply $cvePatches/CVE-2016-8444/ANY/0.patch +git apply $cvePatches/CVE-2016-9604/ANY/0.patch +git apply $cvePatches/CVE-2017-0403/ANY/0.patch +git apply $cvePatches/CVE-2017-0404/ANY/0.patch +git apply $cvePatches/CVE-2017-0611/ANY/0.patch +git apply $cvePatches/CVE-2017-0751/ANY/0.patch +git apply $cvePatches/CVE-2017-0786/ANY/0.patch +git apply $cvePatches/CVE-2017-10662/ANY/0.patch +git apply $cvePatches/CVE-2017-11000/ANY/0.patch +git apply $cvePatches/CVE-2017-15265/ANY/0.patch +git apply $cvePatches/CVE-2017-2671/ANY/0.patch +git apply $cvePatches/CVE-2017-5970/ANY/0.patch +git apply $cvePatches/CVE-2017-6074/ANY/0.patch +git apply $cvePatches/CVE-2017-6348/ANY/0.patch +git apply $cvePatches/CVE-2017-6951/ANY/0.patch +git apply $cvePatches/CVE-2017-7487/ANY/0.patch +git apply $cvePatches/CVE-2017-8247/ANY/0.patch +git apply $cvePatches/CVE-2017-9242/ANY/0.patch +cd $base diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_lge_mako.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_lge_mako.sh new file mode 100644 index 00000000..34e08c82 --- /dev/null +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_lge_mako.sh @@ -0,0 +1,5 @@ +#!/bin/bash +cd $base"kernel/lge/mako" +git apply $cvePatches/CVE-2016-8402/3.4/1.patch +git apply $cvePatches/CVE-2016-8404/ANY/0.patch +cd $base diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh new file mode 100644 index 00000000..9931a85f --- /dev/null +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_motorola_msm8992.sh @@ -0,0 +1,85 @@ +#!/bin/bash +cd $base"kernel/motorola/msm8992" +git apply $cvePatches/CVE-2014-9781/ANY/0.patch +git apply $cvePatches/CVE-2015-8019/3.10/0.patch +git apply $cvePatches/CVE-2016-0758/ANY/0.patch +git apply $cvePatches/CVE-2016-10200/ANY/0.patch +git apply $cvePatches/CVE-2016-10230/ANY/0.patch +git apply $cvePatches/CVE-2016-10231/ANY/1.patch +git apply $cvePatches/CVE-2016-10232/3.10/1.patch +git apply $cvePatches/CVE-2016-10233/3.10/1.patch +git apply $cvePatches/CVE-2016-2063/ANY/0.patch +git apply $cvePatches/CVE-2016-3070/ANY/0.patch +git apply $cvePatches/CVE-2016-3134/3.10/0.patch +git apply $cvePatches/CVE-2016-3672/ANY/0.patch +git apply $cvePatches/CVE-2016-3857/3.10/0.patch +git apply $cvePatches/CVE-2016-3865/ANY/0.patch +git apply $cvePatches/CVE-2016-3865/ANY/1.patch +git apply $cvePatches/CVE-2016-3867/3.10/0.patch +git apply $cvePatches/CVE-2016-3902/ANY/0.patch +git apply $cvePatches/CVE-2016-3907/ANY/0.patch +git apply $cvePatches/CVE-2016-5346/ANY/0.patch +git apply $cvePatches/CVE-2016-5347/ANY/0.patch +git apply $cvePatches/CVE-2016-5853/ANY/0.patch +git apply $cvePatches/CVE-2016-5859/ANY/0.patch +git apply $cvePatches/CVE-2016-5867/ANY/0.patch +git apply $cvePatches/CVE-2016-6672/ANY/0.patch +git apply $cvePatches/CVE-2016-6681/ANY/0.patch +git apply $cvePatches/CVE-2016-6751/ANY/0.patch +git apply $cvePatches/CVE-2016-6753/ANY/0.patch +git apply $cvePatches/CVE-2016-8417/ANY/0.patch +git apply $cvePatches/CVE-2016-8444/ANY/0.patch +git apply $cvePatches/CVE-2016-8479/ANY/0.patch +git apply $cvePatches/CVE-2016-8483/3.10/1.patch +git apply $cvePatches/CVE-2016-9604/ANY/0.patch +git apply $cvePatches/CVE-2017-0404/ANY/0.patch +git apply $cvePatches/CVE-2017-0427/3.10/1.patch +git apply $cvePatches/CVE-2017-0436/ANY/0.patch +git apply $cvePatches/CVE-2017-0457/3.10/0.patch +git apply $cvePatches/CVE-2017-0457/3.10/1.patch +git apply $cvePatches/CVE-2017-0459/3.10/1.patch +git apply $cvePatches/CVE-2017-0460/3.10/1.patch +git apply $cvePatches/CVE-2017-0463/ANY/0.patch +git apply $cvePatches/CVE-2017-0516/ANY/0.patch +git apply $cvePatches/CVE-2017-0523/ANY/0.patch +git apply $cvePatches/CVE-2017-0537/ANY/0.patch +git apply $cvePatches/CVE-2017-0604/ANY/0.patch +git apply $cvePatches/CVE-2017-0606/ANY/0.patch +git apply $cvePatches/CVE-2017-0611/ANY/0.patch +git apply $cvePatches/CVE-2017-0627/ANY/0.patch +git apply $cvePatches/CVE-2017-0631/ANY/0.patch +git apply $cvePatches/CVE-2017-0746/ANY/0.patch +git apply $cvePatches/CVE-2017-0748/ANY/0.patch +git apply $cvePatches/CVE-2017-0750/ANY/0.patch +git apply $cvePatches/CVE-2017-0751/ANY/0.patch +git apply $cvePatches/CVE-2017-0794/3.10/0.patch +git apply $cvePatches/CVE-2017-10997/ANY/0.patch +git apply $cvePatches/CVE-2017-10998/3.10/0.patch +git apply $cvePatches/CVE-2017-11048/3.10/0.patch +git apply $cvePatches/CVE-2017-11056/3.10/0.patch +git apply $cvePatches/CVE-2017-11059/3.10/0.patch +git apply $cvePatches/CVE-2017-15265/ANY/0.patch +git apply $cvePatches/CVE-2017-2618/3.10/0.patch +git apply $cvePatches/CVE-2017-2671/ANY/0.patch +git apply $cvePatches/CVE-2017-5669/ANY/1.patch +git apply $cvePatches/CVE-2017-5970/ANY/0.patch +git apply $cvePatches/CVE-2017-6074/ANY/0.patch +git apply $cvePatches/CVE-2017-6348/ANY/0.patch +git apply $cvePatches/CVE-2017-6951/ANY/0.patch +git apply $cvePatches/CVE-2017-7369/3.10/0.patch +git apply $cvePatches/CVE-2017-7373/3.10/1.patch +git apply $cvePatches/CVE-2017-7472/ANY/0.patch +git apply $cvePatches/CVE-2017-7487/ANY/0.patch +git apply $cvePatches/CVE-2017-8242/ANY/0.patch +git apply $cvePatches/CVE-2017-8247/ANY/0.patch +git apply $cvePatches/CVE-2017-8251/3.10/0.patch +git apply $cvePatches/CVE-2017-8260/3.10/0.patch +git apply $cvePatches/CVE-2017-8265/ANY/0.patch +git apply $cvePatches/CVE-2017-8280/ANY/0.patch +git apply $cvePatches/CVE-2017-9242/ANY/0.patch +git apply $cvePatches/CVE-2017-9693/ANY/0.patch +git apply $cvePatches/CVE-2017-9694/ANY/0.patch +git apply $cvePatches/CVE-2017-9720/ANY/0.patch +git apply $cvePatches/CVE-2017-9724/ANY/0.patch +git apply $cvePatches/CVE-2017-9725/ANY/0.patch +cd $base diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_oneplus_msm8974.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_oneplus_msm8974.sh new file mode 100644 index 00000000..efebb32e --- /dev/null +++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_oneplus_msm8974.sh @@ -0,0 +1,18 @@ +#!/bin/bash +cd $base"kernel/oneplus/msm8974" +git apply $cvePatches/CVE-2014-9781/ANY/0.patch +git apply $cvePatches/CVE-2014-9876/3.4/1.patch +git apply $cvePatches/CVE-2014-9880/ANY/0.patch +git apply $cvePatches/CVE-2016-3672/ANY/0.patch +git apply $cvePatches/CVE-2016-6672/ANY/0.patch +git apply $cvePatches/CVE-2016-8404/ANY/0.patch +git apply $cvePatches/CVE-2017-0750/ANY/0.patch +git apply $cvePatches/CVE-2017-0751/ANY/0.patch +git apply $cvePatches/CVE-2017-0786/ANY/0.patch +git apply $cvePatches/CVE-2017-11000/ANY/0.patch +git apply $cvePatches/CVE-2017-15265/ANY/0.patch +git apply $cvePatches/CVE-2017-7487/ANY/0.patch +git apply $cvePatches/CVE-2017-8247/ANY/0.patch +git apply $cvePatches/CVE-2017-9242/ANY/0.patch +git apply $cvePatches/CVE-2017-9725/ANY/0.patch +cd $base