From b02d40974c306243ea5e150dfa815024050c243d Mon Sep 17 00:00:00 2001 From: Tad Date: Mon, 12 Feb 2018 04:13:25 -0500 Subject: [PATCH] 15.1: Initial CVE patchers --- Scripts/LineageOS-14.1/Functions.sh | 1 + .../android_kernel_fairphone_msm8974.sh | 34 ++++ .../android_kernel_google_marlin.sh | 155 ++++++++++++++++++ .../CVE_Patchers/android_kernel_google_msm.sh | 42 +++++ .../android_kernel_htc_flounder.sh | 69 ++++++++ .../android_kernel_huawei_angler.sh | 111 +++++++++++++ .../android_kernel_lge_bullhead.sh | 101 ++++++++++++ .../CVE_Patchers/android_kernel_lge_g3.sh | 34 ++++ .../android_kernel_lge_hammerhead.sh | 45 +++++ .../android_kernel_lge_msm8974.sh | 27 +++ .../android_kernel_nextbit_msm8992.sh | 64 ++++++++ .../android_kernel_oppo_msm8974.sh | 51 ++++++ .../android_kernel_samsung_msm8974.sh | 29 ++++ Scripts/LineageOS-15.1/Functions.sh | 1 + 14 files changed, 764 insertions(+) create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_msm.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_huawei_angler.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_bullhead.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_g3.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_hammerhead.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8974.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_oppo_msm8974.sh create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_samsung_msm8974.sh diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh index 9819a349..c8387272 100644 --- a/Scripts/LineageOS-14.1/Functions.sh +++ b/Scripts/LineageOS-14.1/Functions.sh @@ -16,6 +16,7 @@ #along with this program. If not, see . startPatcher() { + #$cvePatcher must be set! java -jar $cvePatcher patch $base $androidWorkspace"Patches/" $cveScripts $1; } export -f startPatcher; diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh new file mode 100644 index 00000000..eec2be8c --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh @@ -0,0 +1,34 @@ +#!/bin/bash +cd $base"kernel/fairphone/msm8974" +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2014-3153/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2014-3153/ANY/0004.patch +git apply $cvePatchesLinux/CVE-2016-0774/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-7117/^4.5/0002.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11059/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2017-13080/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-13080-Extra/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-13080-Extra/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-13080-Extra/ANY/0003.patch +git apply $cvePatchesLinux/CVE-2017-13080-Extra/ANY/0004.patch +git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.4/0001.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p30" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh new file mode 100644 index 00000000..9a2e0ca2 --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_marlin.sh @@ -0,0 +1,155 @@ +#!/bin/bash +cd $base"kernel/google/marlin" +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0019.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0020.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0021.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0022.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0023.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0024.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0025.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0026.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0027.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0028.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0029.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0030.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0031.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0032.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0033.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0034.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0035.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0036.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0037.patch +#git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0038.patch +#git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0039.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0040.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0041.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0042.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0043.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0044.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0045.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0046.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0047.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0048.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0049.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.18/0050.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.10+/0011.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.10+/0012.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.10+/0013.patch +git apply $cvePatchesLinux/CVE-2014-9900/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-2041/^3.19/0002.patch +git apply $cvePatchesLinux/CVE-2015-7515/^4.4/0002.patch +git apply $cvePatchesLinux/CVE-2016-2544/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2549/^4.4/0001.patch +git apply $cvePatchesLinux/CVE-2016-3672/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3857/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3865/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3865/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2016-3906/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5345/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5854/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5856/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5857/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5858/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5867/3.18/0002.patch +git apply $cvePatchesLinux/CVE-2016-5870/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6672/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6694/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6695/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8418/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8483/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-9191/3.11-^4.8/0001.patch +git apply $cvePatchesLinux/CVE-2016-GadgetFS/ANY/0003.patch +git apply $cvePatchesLinux/CVE-2016-GadgetFS/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2016-GadgetFS/ANY/0007.patch +git apply $cvePatchesLinux/CVE-2016-GadgetFS/ANY/0008.patch +git apply $cvePatchesLinux/CVE-2016-GadgetFS/ANY/0009.patch +git apply $cvePatchesLinux/CVE-2016-GadgetFS/ANY/0010.patch +git apply $cvePatchesLinux/CVE-2017-0510/3.18/0003.patch +git apply $cvePatchesLinux/CVE-2017-0524/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0537/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0564/3.18/0004.patch +git apply $cvePatchesLinux/CVE-2017-0610/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-0622/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-0627/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0866/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000365/3.18/0002.patch +git apply $cvePatchesLinux/CVE-2017-1000380/^4.11/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000410/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11016/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11030/3.18/0002.patch +git apply $cvePatchesLinux/CVE-2017-11031/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-11033/3.18/0003.patch +git apply $cvePatchesLinux/CVE-2017-11044/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-11045/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11047/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-11049/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-13162/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-13164/3.18/0006.patch +git apply $cvePatchesLinux/CVE-2017-13164/3.18/0007.patch +git apply $cvePatchesLinux/CVE-2017-13164/3.18/0008.patch +git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.18/0005.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.18/0006.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.18/0007.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.18/0008.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.18/0009.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.18/0010.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.18/0011.patch +git apply $cvePatchesLinux/CVE-2017-13219/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-14873/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-14877/3.18/0002.patch +git apply $cvePatchesLinux/CVE-2017-14891/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-14892/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-14897/3.18/0002.patch +git apply $cvePatchesLinux/CVE-2017-15265/^4.14/0001.patch +git apply $cvePatchesLinux/CVE-2017-15847/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-15850/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-15868/3.18/0003.patch +git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16530/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16531/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16643/3.5+/0001.patch +git apply $cvePatchesLinux/CVE-2017-16645/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16646/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0003.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0009.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-5669/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-5972/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-7371/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-7372/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.18/0003.patch +git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch +git apply $cvePatchesLinux/CVE-2017-9696/3.18/0002.patch +git apply $cvePatchesLinux/CVE-2017-9698/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-9700/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-9716/3.18/0001.patch +git apply $cvePatchesLinux/CVE-2017-9722/3.18/0001.patch +git apply $cvePatchesLinux/LVT-2017-0004/3.18/0003.patch +git apply $cvePatchesLinux/Untracked/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch +git apply $cvePatchesLinux/Untracked/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch +git apply $cvePatchesLinux/CVE-2016-5853/3.18/0002.patch +git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p151" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_msm.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_msm.sh new file mode 100644 index 00000000..cda74eb9 --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_msm.sh @@ -0,0 +1,42 @@ +#!/bin/bash +cd $base"kernel/google/msm" +git apply $cvePatchesLinux/0010-Accelerated_AES/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2013-4738/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2014-9781/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3857/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3894/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-7117/^4.5/0002.patch +git apply $cvePatchesLinux/CVE-2016-8404/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0611/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0710/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +#git apply $cvePatchesLinux/CVE-2017-11015/prima/0001.patch +#git apply $cvePatchesLinux/CVE-2017-11015/prima/0002.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2017-13080/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-15265/^4.14/0001.patch +git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-8246/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2017-8247/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-8254/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-8254/3.4/0002.patch +git apply $cvePatchesLinux/LVT-2017-0004/3.4/0001.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p38" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh new file mode 100644 index 00000000..2eeccdc8 --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_htc_flounder.sh @@ -0,0 +1,69 @@ +#!/bin/bash +cd $base"kernel/htc/flounder" +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0004.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0007.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0008.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0009.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0010.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0011.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0012.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0013.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0014.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0015.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0016.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0017.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.10+/0011.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.10+/0012.patch +git apply $cvePatchesLinux/CVE-2014-9892/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2014-9900/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-7515/^4.4/0002.patch +git apply $cvePatchesLinux/CVE-2015-8944/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-8955/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-7117/^4.5/0002.patch +git apply $cvePatchesLinux/CVE-2016-8453/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8464/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-8650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-9576/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2016-9604/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0449/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0537/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0861/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000365/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000410/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-10996/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11089/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11090/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2017-13168/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-13216/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-15868/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-15868/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16643/3.5+/0001.patch +git apply $cvePatchesLinux/CVE-2017-16645/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16939/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-2671/^4.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-5669/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-5972/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch +git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch +git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch +editKernelLocalversion "-dos.p65" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_huawei_angler.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_huawei_angler.sh new file mode 100644 index 00000000..439e703b --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_huawei_angler.sh @@ -0,0 +1,111 @@ +#!/bin/bash +cd $base"kernel/huawei/angler" +git apply $cvePatchesLinux/0001-LinuxIncrementals/3.10/3.10.0073-0074.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0004.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0005.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0006.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0007.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0008.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0009.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0010.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0011.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0012.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0013.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0014.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0015.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0016.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0017.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0018.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0003.patch +git apply $cvePatchesLinux/CVE-2014-8160/^3.18/0002.patch +git apply $cvePatchesLinux/CVE-2014-8173/3.9-^3.12/0001.patch +git apply $cvePatchesLinux/CVE-2014-9781/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-0573/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-2041/^3.19/0002.patch +git apply $cvePatchesLinux/CVE-2015-5366/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2015-7515/^4.4/0002.patch +git apply $cvePatchesLinux/CVE-2015-7550/^4.3/0001.patch +git apply $cvePatchesLinux/CVE-2016-0805/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-0843/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-10208/3.10-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2016-2063/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2185/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2187/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2384/^4.5/0001.patch +git apply $cvePatchesLinux/CVE-2016-2469/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2544/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2545/^4.4/0001.patch +git apply $cvePatchesLinux/CVE-2016-2549/^4.4/0001.patch +git apply $cvePatchesLinux/CVE-2016-3070/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3140/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3689/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3857/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3865/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3894/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5345/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5858/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5859/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-5867/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-5868/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-5870/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6672/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6694/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6695/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-7117/^4.5/0002.patch +git apply $cvePatchesLinux/CVE-2016-8404/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8464/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-8481/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-9576/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2016-9604/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0510/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2017-0516/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0524/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0537/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0824/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000251/ANY/0003.patch +git apply $cvePatchesLinux/CVE-2017-1000365/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000410/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11600/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2017-14877/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16531/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16643/3.5+/0001.patch +git apply $cvePatchesLinux/CVE-2017-16645/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16939/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-2618/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-2671/^4.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-5669/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-5972/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch +git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-8280/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch +git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-15845/ANY/0001.patch +editKernelLocalversion "-dos.p107" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_bullhead.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_bullhead.sh new file mode 100644 index 00000000..eb4e8c4f --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_bullhead.sh @@ -0,0 +1,101 @@ +#!/bin/bash +cd $base"kernel/lge/bullhead" +git apply $cvePatchesLinux/0001-LinuxIncrementals/3.10/3.10.0073-0074.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0004.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0005.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0006.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0007.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0008.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0009.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0010.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0011.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0012.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0013.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0014.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0015.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0016.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0017.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0018.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2014-8160/^3.18/0002.patch +git apply $cvePatchesLinux/CVE-2014-8173/3.9-^3.12/0001.patch +git apply $cvePatchesLinux/CVE-2014-9781/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-0573/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-2041/^3.19/0002.patch +git apply $cvePatchesLinux/CVE-2015-5366/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2015-7515/^4.4/0002.patch +git apply $cvePatchesLinux/CVE-2015-7550/^4.3/0001.patch +git apply $cvePatchesLinux/CVE-2016-0805/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-0843/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-10208/3.10-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2016-2063/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2185/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2187/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2384/^4.5/0001.patch +git apply $cvePatchesLinux/CVE-2016-2469/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-2544/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2545/^4.4/0001.patch +git apply $cvePatchesLinux/CVE-2016-2549/^4.4/0001.patch +git apply $cvePatchesLinux/CVE-2016-3070/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3140/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3689/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3857/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3894/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5345/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5858/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-5859/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-5867/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-5870/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6694/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6695/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-7117/^4.5/0002.patch +git apply $cvePatchesLinux/CVE-2016-7913/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8404/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8481/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-9576/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2016-9604/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0510/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2017-0516/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0537/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000251/ANY/0003.patch +git apply $cvePatchesLinux/CVE-2017-1000365/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000410/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11600/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2017-14877/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16531/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16643/3.5+/0001.patch +git apply $cvePatchesLinux/CVE-2017-16645/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16939/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-2618/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-2671/^4.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-5669/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-5972/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch +git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch +git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch +editKernelLocalversion "-dos.p97" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_g3.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_g3.sh new file mode 100644 index 00000000..27ac50ad --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_g3.sh @@ -0,0 +1,34 @@ +#!/bin/bash +cd $base"kernel/lge/g3" +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2014-9781/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-6640/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3857/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3892/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8404/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8406/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-9576/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0611/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11090/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-8246/3.4/0002.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p30" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_hammerhead.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_hammerhead.sh new file mode 100644 index 00000000..e82a2294 --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_hammerhead.sh @@ -0,0 +1,45 @@ +#!/bin/bash +cd $base"kernel/lge/hammerhead" +git apply $cvePatchesLinux/0010-Accelerated_AES/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2014-9881/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2014-9882/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2014-9882/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2015-1593/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-3894/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-8650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-9576/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2016-9604/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0611/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-0710/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11089/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11090/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-2671/^4.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-8246/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2017-8247/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-8254/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-8254/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch +git apply $cvePatchesLinux/CVE-2017-9684/ANY/0001.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p41" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8974.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8974.sh new file mode 100644 index 00000000..7cd9f6be --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8974.sh @@ -0,0 +1,27 @@ +#!/bin/bash +cd $base"kernel/lge/msm8974" +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2015-8939/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-0806/prima/0001.patch +git apply $cvePatchesLinux/CVE-2016-0806/prima/0006.patch +git apply $cvePatchesLinux/CVE-2016-0806/prima/0007.patch +git apply $cvePatchesLinux/CVE-2016-0806/prima/0010.patch +git apply $cvePatchesLinux/CVE-2016-6751/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p23" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh new file mode 100644 index 00000000..4c9d03a0 --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_nextbit_msm8992.sh @@ -0,0 +1,64 @@ +#!/bin/bash +cd $base"kernel/nextbit/msm8992" +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0004-No_dir-relax.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0005.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0006.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0007.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0008.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0009.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0010.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0011.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0012.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0013.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0014.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0015.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0016.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0017.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/3.10/0018.patch +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2014-9904/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6672/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0861/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-0862/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000410/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11600/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-13163/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-13168/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-13216/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.10/0003.patch +git apply $cvePatchesLinux/CVE-2017-13218/3.10/0004.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16531/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16643/3.5+/0001.patch +git apply $cvePatchesLinux/CVE-2017-16645/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16939/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0003.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch +git apply $cvePatchesLinux/CVE-2017-7533/3.10/0002.patch +git apply $cvePatchesLinux/CVE-2017-8243/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-8281/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2017-8281/3.10/0003.patch +git apply $cvePatchesLinux/CVE-2017-9723/ANY/0001.patch +git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch +git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p60" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_oppo_msm8974.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_oppo_msm8974.sh new file mode 100644 index 00000000..7722ea7e --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_oppo_msm8974.sh @@ -0,0 +1,51 @@ +#!/bin/bash +cd $base"kernel/oppo/msm8974" +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2014-9781/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2014-9880/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-0774/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-0801/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-2443/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-6672/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-7117/^4.5/0002.patch +git apply $cvePatchesLinux/CVE-2016-8404/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0510/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-0524/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0611/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-1000380/^4.11/0001.patch +git apply $cvePatchesLinux/CVE-2017-11000/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-11019/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11059/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11090/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch +git apply $cvePatchesLinux/CVE-2017-13080/ANY/0002.patch +git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-15265/^4.14/0001.patch +git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-8246/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2017-8247/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch +git apply $cvePatchesLinux/CVE-2017-9684/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-9706/ANY/0001.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p47" +cd $base diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_samsung_msm8974.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_samsung_msm8974.sh new file mode 100644 index 00000000..f3b245fb --- /dev/null +++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_samsung_msm8974.sh @@ -0,0 +1,29 @@ +#!/bin/bash +cd $base"kernel/samsung/msm8974" +git apply $cvePatchesLinux/0002-Copperhead-Kernel_Hardening/ANY/0001.patch +git apply $cvePatchesLinux/0010-Accelerated_AES/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2016-4578/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0611/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch +git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch +git apply $cvePatchesLinux/CVE-2017-16650/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0005.patch +git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch +git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-8246/3.4/0002.patch +git apply $cvePatchesLinux/CVE-2017-8254/3.4/0001.patch +git apply $cvePatchesLinux/CVE-2017-8254/3.4/0002.patch +git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch +git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch +git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p25" +cd $base diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh index 2c5c1afe..6cfefdc8 100644 --- a/Scripts/LineageOS-15.1/Functions.sh +++ b/Scripts/LineageOS-15.1/Functions.sh @@ -16,6 +16,7 @@ #along with this program. If not, see . startPatcher() { + #$cvePatcher must be set! java -jar $cvePatcher patch $base $androidWorkspace"Patches/" $cveScripts $1; } export -f startPatcher;