Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-05-14 20:32:28 -04:00
Code Issues Projects Releases Packages Wiki Activity

Better patching of CVE-2024-43047

Browse source 
All 4.9 and higher Qualcomm devices are now patched

Signed-off-by: Tavi <tavi@divested.dev>
This commit is contained in:
Tavi 2024-10-10 21:33:33 -04:00
parent 4256660b1a
commit b060b68316
No known key found for this signature in database
GPG key ID: E599F62ECBAEAF2E
7 changed files with 23 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Scripts/LineageOS-19.1/CVE_Patchers/android_kernel_xiaomi_sm8150.sh
View file

@ -805,6 +805,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-31085/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-32269/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33031/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33059/audio-kernel/0002.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33063/4.14/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33065/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33068/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33070/ANY/0001.patch
@ -1171,6 +1172,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42309/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42310/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42311/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42313/4.14/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43047-prereq/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43839/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43853/4.19/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43854/4.19/0005.patch
@ -1227,11 +1229,13 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27830/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29660/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-47222/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33063/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-52601/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27424/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27425/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42104/4.14/0009.patch
editKernelLocalversion "-dos.p1231"
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43047-upstream/4.14/0007.patch
editKernelLocalversion "-dos.p1235"
else echo "kernel_xiaomi_sm8150 is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"

3
Scripts/LineageOS-19.1/Functions.sh
View file

@ -66,9 +66,8 @@ patchWorkspaceReal() {
verifyAllPlatformTags;
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
source build/envsetup.sh;
#source build/envsetup.sh;
#repopick -ift twelve-bt-sbc-hd-dualchannel;
repopick -it S_asb_2024-09;
sh "$DOS_SCRIPTS/Patch.sh";
sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";

3
Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_fairphone_sdm632.sh
View file

@ -494,7 +494,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-52601/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27424/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27425/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42104/4.14/0009.patch
editKernelLocalversion "-dos.p494"
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43047-alt/4.9/0001.patch
editKernelLocalversion "-dos.p495"
else echo "kernel_fairphone_sdm632 is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"

2
Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_redbull.sh
View file

@ -221,7 +221,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-32233/4.19/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-32269/4.19/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33031/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33055/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33063/4.19/0010.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33063/4.19/0013.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33065/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33079/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33090/audio-kernel/0001.patch --directory=techpack/audio

6
Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_oneplus_sm8150.sh
View file

@ -761,6 +761,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-31085/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-32269/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33031/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33059/audio-kernel/0002.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33063/4.14/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33065/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33068/audio-kernel/0001.patch --directory=techpack/audio
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33070/ANY/0001.patch
@ -1126,6 +1127,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42309/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42310/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42311/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42313/4.14/0008.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43047-prereq/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43839/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43853/4.19/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43854/4.19/0005.patch
@ -1181,11 +1183,13 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0466/4.14/0005.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.14/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27830/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-47222/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-33063/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-52601/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27424/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-27425/4.14/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-42104/4.14/0009.patch
editKernelLocalversion "-dos.p1185"
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-43047-upstream/4.14/0007.patch
editKernelLocalversion "-dos.p1189"
else echo "kernel_oneplus_sm8150 is unavailable, not patching.";
fi;
cd "$DOS_BUILD_BASE"