diff --git a/Patches/LineageOS-18.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch b/Patches/LineageOS-18.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch
index de3c8999..d3594a5b 100644
--- a/Patches/LineageOS-18.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch
+++ b/Patches/LineageOS-18.1/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch
@@ -37,5 +37,5 @@ index 5b7ef524..513f43df 100644
if (ota_type == OtaType::AB) {
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_build/0001-Enable_fwrapv.patch b/Patches/LineageOS-18.1/android_build/0001-Enable_fwrapv.patch
index 9553c292..a159d28c 100644
--- a/Patches/LineageOS-18.1/android_build/0001-Enable_fwrapv.patch
+++ b/Patches/LineageOS-18.1/android_build/0001-Enable_fwrapv.patch
@@ -22,5 +22,5 @@ index efb21e7c6a..41d7fe5dbf 100644
+ endif
+endif
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_build/0002-OTA_Keys.patch b/Patches/LineageOS-18.1/android_build/0002-OTA_Keys.patch
index a32610f2..3cb51114 100644
--- a/Patches/LineageOS-18.1/android_build/0002-OTA_Keys.patch
+++ b/Patches/LineageOS-18.1/android_build/0002-OTA_Keys.patch
@@ -68,5 +68,5 @@ index d6a8b5378d..8bc882d621 100644
$(SOONG_ZIP) -o $@ -j \
$(foreach key_file, $(PRIVATE_CERT) $(PRIVATE_EXTRA_RECOVERY_KEYS), -f $(key_file))
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_build_soong/0001-Enable_fwrapv.patch b/Patches/LineageOS-18.1/android_build_soong/0001-Enable_fwrapv.patch
index 5ab4e135..609cf386 100644
--- a/Patches/LineageOS-18.1/android_build_soong/0001-Enable_fwrapv.patch
+++ b/Patches/LineageOS-18.1/android_build_soong/0001-Enable_fwrapv.patch
@@ -48,5 +48,5 @@ index 463a02ac2..7c92b41dc 100644
if ctx.Arch().ArchType == android.Arm {
// Frame pointer based unwinder in ASan requires ARM frame setup.
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_device_lge_mako/0001-LTE.patch b/Patches/LineageOS-18.1/android_device_lge_mako/0001-LTE.patch
index 0911bf8b..b510ce20 100644
--- a/Patches/LineageOS-18.1/android_device_lge_mako/0001-LTE.patch
+++ b/Patches/LineageOS-18.1/android_device_lge_mako/0001-LTE.patch
@@ -66,5 +66,5 @@ index 6398872..81ca1bb 100644
ro.telephony.call_ring.multiple=0
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch b/Patches/LineageOS-18.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch
index ae74cfde..7a439a2f 100644
--- a/Patches/LineageOS-18.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch
+++ b/Patches/LineageOS-18.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch
@@ -30,5 +30,5 @@ index 1108551e..6b925655 100755
r_dir_file(mediaserver, sysfs_esoc)
#allow mediaserver system_app_data_file:file rw_file_perms;
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0003-SUPL_No_IMSI.patch b/Patches/LineageOS-18.1/android_frameworks_base/0003-SUPL_No_IMSI.patch
index e14410c1..7305a5cc 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0003-SUPL_No_IMSI.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0003-SUPL_No_IMSI.patch
@@ -34,5 +34,5 @@ index 8d1d3afab5c5..7c72a2016d15 100644
native_agps_set_id(type, (setId == null) ? "" : setId);
}
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0004-Fingerprint_Lockout.patch b/Patches/LineageOS-18.1/android_frameworks_base/0004-Fingerprint_Lockout.patch
index e43048fc..6c7e1e2e 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0004-Fingerprint_Lockout.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0004-Fingerprint_Lockout.patch
@@ -21,5 +21,5 @@ index 5b51aa6e72ac..79451e535e45 100644
private static final String KEY_LOCKOUT_RESET_USER = "lockout_reset_user";
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0006-Disable_Analytics.patch b/Patches/LineageOS-18.1/android_frameworks_base/0006-Disable_Analytics.patch
index af98f9ad..835696db 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0006-Disable_Analytics.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0006-Disable_Analytics.patch
@@ -35,5 +35,5 @@ index 70e4e6cbf622..f79a52c7d827 100644
String name = sa.getNonConfigurationString(
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0007-Always_Restict_Serial.patch b/Patches/LineageOS-18.1/android_frameworks_base/0007-Always_Restict_Serial.patch
index 1355e60c..fcbdbc5d 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0007-Always_Restict_Serial.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0007-Always_Restict_Serial.patch
@@ -28,5 +28,5 @@ index 0ae9cc279e68..6c99f8d8525e 100644
// Check if this is a secondary process that should be incorporated into some
// currently active instrumentation. (Note we do this AFTER all of the profiling
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0008-Browser_No_Location.patch b/Patches/LineageOS-18.1/android_frameworks_base/0008-Browser_No_Location.patch
index 03795d7b..b3ed364e 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0008-Browser_No_Location.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0008-Browser_No_Location.patch
@@ -54,5 +54,5 @@ index cd53fb9ba52f..a08cbb5ceecd 100644
private String getDefaultSystemHandlerActivityPackage(PackageManagerWrapper pm,
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch b/Patches/LineageOS-18.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch
index 0ac51ab3..d61a74c7 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch
@@ -22,5 +22,5 @@ index 6bee19745c87..ac231c5fafbe 100644
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0010-Sensors.patch b/Patches/LineageOS-18.1/android_frameworks_base/0010-Sensors.patch
index 7d526c9a..f3667433 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0010-Sensors.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0010-Sensors.patch
@@ -103,5 +103,5 @@ index 6baabb69e028..fb685b57e0a6 100644
/**
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0011-Restore_SensorsOff.patch b/Patches/LineageOS-18.1/android_frameworks_base/0011-Restore_SensorsOff.patch
index 569e7477..fe1164e9 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0011-Restore_SensorsOff.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0011-Restore_SensorsOff.patch
@@ -260,5 +260,5 @@ index 000000000000..941e1d44e145
+ }
+}
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_base/0012-Private_DNS.patch b/Patches/LineageOS-18.1/android_frameworks_base/0012-Private_DNS.patch
index 92855075..63e8e5ae 100644
--- a/Patches/LineageOS-18.1/android_frameworks_base/0012-Private_DNS.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_base/0012-Private_DNS.patch
@@ -227,5 +227,5 @@ index cf6a7f6e8d70..5d3de9edc930 100644
}
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_frameworks_native/0001-Sensors.patch b/Patches/LineageOS-18.1/android_frameworks_native/0001-Sensors.patch
index 4ff7f7f1..d9363261 100644
--- a/Patches/LineageOS-18.1/android_frameworks_native/0001-Sensors.patch
+++ b/Patches/LineageOS-18.1/android_frameworks_native/0001-Sensors.patch
@@ -72,5 +72,5 @@ index 3ca34bba1b..8a62b2bb9c 100644
// Ensure that the AppOp is allowed, or that there is no necessary app op for the sensor
if (opCode < 0 || appOpAllowed) {
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8996.patch b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8996.patch
index ab171202..3a3332a9 100644
--- a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8996.patch
+++ b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8996.patch
@@ -57,5 +57,5 @@ index cd788542f..10f1eb216 100644
}
+#endif
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8998.patch b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8998.patch
index 8513c802..3a485822 100644
--- a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8998.patch
+++ b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-8998.patch
@@ -59,5 +59,5 @@ index 4675fc39c..4a5d91a97 100644
int audio_extn_utils_get_license_params(
const struct audio_device *adev,
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch
index 8a50e943..8633a77f 100644
--- a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch
+++ b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sdm845.patch
@@ -59,5 +59,5 @@ index 0ba2f4f82..d179f4f03 100644
int audio_extn_utils_get_license_params(
const struct audio_device *adev,
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch
index f441f3d2..2898ee53 100644
--- a/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch
+++ b/Patches/LineageOS-18.1/android_hardware_qcom_audio/0001-Unused-sm8150.patch
@@ -57,5 +57,5 @@ index fa826f57f..473511fb5 100644
int audio_extn_utils_get_license_params(
const struct audio_device *adev,
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_kernel_oneplus_sdm845/4.9.277-qc.patch b/Patches/LineageOS-18.1/android_kernel_oneplus_sdm845/4.9.277-qc.patch
index 7c7676e6..73f42b6e 100644
--- a/Patches/LineageOS-18.1/android_kernel_oneplus_sdm845/4.9.277-qc.patch
+++ b/Patches/LineageOS-18.1/android_kernel_oneplus_sdm845/4.9.277-qc.patch
@@ -121837,5 +121837,5 @@ index 4e4bb5dd2dcd..db859b595dba 100644
synchronize_srcu_expedited(&kvm->srcu);
kfree(bus);
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_Dialer/0001-Not_Private_Banner.patch b/Patches/LineageOS-18.1/android_packages_apps_Dialer/0001-Not_Private_Banner.patch
index c2a7b27e..6ee83195 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_Dialer/0001-Not_Private_Banner.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_Dialer/0001-Not_Private_Banner.patch
@@ -184,5 +184,5 @@ index 5b65cc3d9..19e7fdc4f 100644
- true
- @color/dialer_theme_color_dark
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch b/Patches/LineageOS-18.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch
index 287b338b..7d11f0fd 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch
@@ -139,5 +139,5 @@ index bdb1aa7..0097a52 100644
android:key="sms_security_check_limit"
android:defaultValue="30"
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
index 3acbeee9..418c5984 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch
@@ -343,5 +343,5 @@ index db704ae850..f4c5363d80 100644
public void showMobilePlanMessageDialog() {
showDialog(MANAGE_MOBILE_PLAN_DIALOG_ID);
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0002-Sensors.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0002-Sensors.patch
index df7c70b2..45578ac0 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0002-Sensors.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0002-Sensors.patch
@@ -256,5 +256,5 @@ index 0000000000..2c29f3abfd
+ }
+}
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0003-Remove_SensorsOff_Tile.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0003-Remove_SensorsOff_Tile.patch
index 83d6a330..a46ef517 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0003-Remove_SensorsOff_Tile.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0003-Remove_SensorsOff_Tile.patch
@@ -95,5 +95,5 @@ index 916c6c9291..fd92d17a60 100644
* Tile to control the "Wireless debugging" developer setting
*/
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch b/Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch
index 37ff82c3..b01d8785 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch
@@ -317,5 +317,5 @@ index 84cae88f85..4d62f64947 100644
return dnsesResolved ? res.getString(R.string.private_dns_mode_on)
: res.getString(R.string.private_dns_mode_opportunistic);
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch b/Patches/LineageOS-18.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch
index bdc851fd..ebe34e01 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch
@@ -176,5 +176,5 @@ index b1755c7..c299457 100644
public static final String ENABLE_RECOVERY_UPDATE = "enable_recovery_update";
public static final String UPDATE_RECOVERY_PROP = "persist.vendor.recovery_update";
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_Updater/0001-Server.patch b/Patches/LineageOS-18.1/android_packages_apps_Updater/0001-Server.patch
index 0b741b89..e726c147 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_Updater/0001-Server.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_Updater/0001-Server.patch
@@ -32,5 +32,5 @@ index 0aa5fd5..0b41c25 100644
public static String getUpgradeBlockedURL(Context context) {
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_apps_Updater/0002-Tor_Support.patch b/Patches/LineageOS-18.1/android_packages_apps_Updater/0002-Tor_Support.patch
index 615aebc2..cb045c92 100644
--- a/Patches/LineageOS-18.1/android_packages_apps_Updater/0002-Tor_Support.patch
+++ b/Patches/LineageOS-18.1/android_packages_apps_Updater/0002-Tor_Support.patch
@@ -396,5 +396,5 @@ index 0b41c25..022f549 100644
return server + "?base=LineageOS&device=" + device + "&inc=" + incrementalVersion;
}
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_providers_TelephonyProvider/304614.patch b/Patches/LineageOS-18.1/android_packages_providers_TelephonyProvider/304614.patch
index ab37e421..311c64de 100644
--- a/Patches/LineageOS-18.1/android_packages_providers_TelephonyProvider/304614.patch
+++ b/Patches/LineageOS-18.1/android_packages_providers_TelephonyProvider/304614.patch
@@ -133,5 +133,5 @@ index 3cb4abeb..b1b3146d 100644
throw new XmlPullParserException("Expected 'apn' tag", parser, null);
}
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_packages_providers_TelephonyProvider/312102.patch b/Patches/LineageOS-18.1/android_packages_providers_TelephonyProvider/312102.patch
index d9b3208a..2285311a 100644
--- a/Patches/LineageOS-18.1/android_packages_providers_TelephonyProvider/312102.patch
+++ b/Patches/LineageOS-18.1/android_packages_providers_TelephonyProvider/312102.patch
@@ -105,5 +105,5 @@ index b1b3146d..6bddde93 100644
}
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_system_core/0001-Harden.patch b/Patches/LineageOS-18.1/android_system_core/0001-Harden.patch
index cfce7600..44559886 100644
--- a/Patches/LineageOS-18.1/android_system_core/0001-Harden.patch
+++ b/Patches/LineageOS-18.1/android_system_core/0001-Harden.patch
@@ -57,5 +57,5 @@ index a9af0b094..f19b7484d 100644
write /proc/sys/vm/mmap_min_addr 32768
write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
--
-2.31.1
+2.32.0
diff --git a/Patches/LineageOS-18.1/android_system_extras/0001-ext4_pad_filenames.patch b/Patches/LineageOS-18.1/android_system_extras/0001-ext4_pad_filenames.patch
index 7cf5b300..2c487376 100644
--- a/Patches/LineageOS-18.1/android_system_extras/0001-ext4_pad_filenames.patch
+++ b/Patches/LineageOS-18.1/android_system_extras/0001-ext4_pad_filenames.patch
@@ -34,5 +34,5 @@ index a52ed90c..7852349f 100644
// Use DIRECT_KEY for Adiantum, since it's much more efficient but just as
// secure since Android doesn't reuse the same master key for multiple
--
-2.31.1
+2.32.0
diff --git a/PrebuiltApps b/PrebuiltApps
index 66d69d99..88e8f727 160000
--- a/PrebuiltApps
+++ b/PrebuiltApps
@@ -1 +1 @@
-Subproject commit 66d69d990bc8a3c4a0bdec87e5d693b002412382
+Subproject commit 88e8f72710ce3b3c3f9f12c048e6546fd839ca91
diff --git a/Scripts/Common/Fix_CVE_Patchers.sh b/Scripts/Common/Fix_CVE_Patchers.sh
index 73b1f19f..84aa094d 100644
--- a/Scripts/Common/Fix_CVE_Patchers.sh
+++ b/Scripts/Common/Fix_CVE_Patchers.sh
@@ -49,6 +49,7 @@ commentPatches android_kernel_google_marlin.sh "0001-LinuxIncrementals/3.18/3.18
commentPatches android_kernel_google_msm.sh "CVE-2017-11015/prima" "CVE-2021-Misc2/ANY/0031.patch";
commentPatches android_kernel_google_msm-4.9.sh "CVE-2019-19319" "CVE-2020-0067" "CVE-2020-1749" "CVE-2020-8992";
commentPatches android_kernel_google_redbull.sh "CVE-2018-5873" "CVE-2021-3444" "CVE-2021-3600";
+commentPatches android_kernel_google_sunfish.sh "CVE-2021-20317";
commentPatches android_kernel_google_wahoo.sh "0008-Graphene-Kernel_Hardening/4.4/0019.patch" "CVE-2019-14047/ANY/0002.patch" "CVE-2019-19319" "CVE-2020-1749" "CVE-2020-8992" "CVE-2020-16166";
commentPatches android_kernel_google_yellowstone.sh "0001-LinuxIncrementals/3.10/3.10.0098-0099.patch" "CVE-2018-9514";
commentPatches android_kernel_huawei_angler.sh "CVE-2014-8559";
diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh
index 9b723034..7ae0ce3c 100644
--- a/Scripts/Common/Functions.sh
+++ b/Scripts/Common/Functions.sh
@@ -61,7 +61,7 @@ applyPatchReal() {
if git am "$@"; then
if [ "$DOS_REFRESH_PATCHES" = true ]; then
if [[ "$currentWorkingPatch" == $DOS_PATCHES* ]]; then
- git format-patch -1 HEAD --zero-commit --output="$currentWorkingPatch";
+ git format-patch -1 HEAD --zero-commit --no-signature --output="$currentWorkingPatch";
fi;
fi;
fi;
diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_sunfish.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_sunfish.sh
index 90b55330..6fb15919 100644
--- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_sunfish.sh
+++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_sunfish.sh
@@ -121,7 +121,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3679/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3732/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3744/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3753/4.14/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20317/4.14/0004.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20317/4.14/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20320/^5.15/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-20321/4.14/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-21781/4.14/0002.patch
diff --git a/Scripts/LineageOS-18.1/Patch.sh b/Scripts/LineageOS-18.1/Patch.sh
index 3f7956a2..96e1ce3a 100644
--- a/Scripts/LineageOS-18.1/Patch.sh
+++ b/Scripts/LineageOS-18.1/Patch.sh
@@ -358,11 +358,17 @@ fi;
if enterAndClear "device/lge/g2-common"; then
sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te;
+echo "allow hwaddrs self:capability { fowner };" >> sepolicy/hwaddrs.te;
+echo "allow hwaddrs block_device:lnk_file { open };" >> sepolicy/hwaddrs.te;
+echo "allow hwaddrs misc_block_device:blk_file { open read };" >> sepolicy/hwaddrs.te;
awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfigCommon.mk; #broken releasetools
fi;
if enterAndClear "device/lge/g3-common"; then
sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te;
+echo "allow hwaddrs self:capability { fowner };" >> sepolicy/hwaddrs.te;
+echo "allow hwaddrs block_device:lnk_file { open };" >> sepolicy/hwaddrs.te;
+echo "allow hwaddrs misc_block_device:blk_file { open read };" >> sepolicy/hwaddrs.te;
sed -i '1itypeattribute wcnss_service misc_block_device_exception;' sepolicy/wcnss_service.te;
fi;
@@ -378,6 +384,8 @@ fi;
if enterAndClear "device/lge/msm8996-common"; then
sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te;
+echo "allow hwaddrs self:capability { fowner };" >> sepolicy/hwaddrs.te;
+echo "allow hwaddrs block_device:lnk_file { open };" >> sepolicy/hwaddrs.te;
awk -i inplace '!/WfdCommon/' msm8996.mk; #fix breakage
echo "type sensors_data_file, file_type, data_file_type, core_data_file_type;" >> sepolicy/file.te; #only included in -userdebug
fi;