1. 01 Feb, 2023 1 commit
  2. 29 Jan, 2023 1 commit
  3. 25 Jan, 2023 1 commit
  4. 22 Dec, 2022 1 commit
  5. 17 Dec, 2022 1 commit
  6. 30 Nov, 2022 1 commit
  7. 22 Nov, 2022 1 commit
  8. 21 Nov, 2022 1 commit
    • Tad's avatar
      Update CVE patchers · c4fe56a3
      Tad authored
      This fixes CVE-2018-9422 which was primarily added via b56fabac
      
      
      
      May still need to be fixed:
      16.0/kernel_google_yellowstone
      16.0/kernel_xiaomi_msm8937
      
      Signed-off-by: Tad's avatarTad <tad@spotco.us>
      c4fe56a3
  9. 23 Oct, 2022 1 commit
  10. 04 Sep, 2022 1 commit
  11. 21 Aug, 2022 1 commit
  12. 11 Aug, 2022 1 commit
  13. 10 Aug, 2022 1 commit
    • Tad's avatar
      Improve CVE-2021-1048 patching on 3.x kernels · 12c56938
      Tad authored
      
      
      It is still actively being used by malware.
      
      This largely handles 3.0, 3.4, and 3.10 kernels.
      It works for select 3.18 kernels too.
      
      TODO: need alternate get_file_rcu backport for the following:
      15.1/lge_msm8996
      15.1/zte_msm8996
      16.0/xiaomi_msm8937
      17.1/motorola_msm8996
      18.1/google_marlin
      18.1/lge_msm8996
      18.1/oneplus_msm8996
      
      Signed-off-by: Tad's avatarTad <tad@spotco.us>
      12c56938
  14. 22 Jul, 2022 1 commit
  15. 08 Jul, 2022 1 commit
  16. 06 Jul, 2022 1 commit
  17. 28 Jun, 2022 1 commit
  18. 01 Jun, 2022 1 commit
  19. 28 May, 2022 1 commit
    • Tad's avatar
      Revert 5d57bf13 · 735c9e0d
      Tad authored
      
      
      I don't trust enabling MODULES won't cause weird inane breakage on these legacy devices
      
      Signed-off-by: Tad's avatarTad <tad@spotco.us>
      735c9e0d
  20. 26 May, 2022 1 commit
  21. 24 May, 2022 1 commit
  22. 20 May, 2022 1 commit
  23. 19 Apr, 2022 1 commit
  24. 12 Apr, 2022 1 commit
  25. 01 Apr, 2022 2 commits
    • Tad's avatar
      Reverts · 01900ca1
      Tad authored
      WebView overlay is breaking boot on 15.1???
      
      This reverts commit e61e288b.
      01900ca1
    • Tad's avatar
      Fix boot breakage · 3f9b3463
      Tad authored
      
      
      On devices with quota enabled and impacted by this patch
      
      Signed-off-by: Tad's avatarTad <tad@spotco.us>
      3f9b3463
  26. 28 Mar, 2022 1 commit
  27. 09 Mar, 2022 2 commits
  28. 08 Mar, 2022 1 commit
  29. 04 Mar, 2022 1 commit
    • Tad's avatar
      Update CVE patchers [the big fixup] · ac1e89f0
      Tad authored
      
      
      This removes many duplicately or wrongly applied patches.
      
      Correctly removed:
      - CVE-2011-4132 can apply infinitely
      - CVE-2013-2891 can apply infinitely
      - CVE-2014-9781 can apply once to fb_cmap_to_user correctly and incorrectly to fb_copy_cmap
      - CVE-2015-0571 can apply incorrectly and was disabled in patch repo as a result
      - CVE-2016-2475 can apply infinitely
      - CVE-2017-0627 can apply infinitely
      - CVE-2017-0750 can apply infinitely
      - CVE-2017-14875 can apply infinitely
      - CVE-2017-14883 can apply infinitely
      - CVE-2020-11146 can apply infinitely
      - CVE-2020-11608 can apply infinitely
      - CVE-2021-42008 can apply infinitely
      
      Questionable (might actually be beneficial to "incorrectly" apply again):
      - CVE-2012-6544 can apply once to hci_sock_getsockopt correctly and incorrectly to hci_sock_setsockopt
      - CVE-2013-2898 can apply once to sensor_hub_get_feature correctly and incorrectly to sensor_hub_set_feature
      - CVE-2015-8575 can apply once to sco_sock_bind correctly and incorrectly to sco_sock_connect
      - CVE-2017-8281 can apply once to diagchar_ioctl correctly and incorrectly to diagchar_compat_ioctl
      - CVE-2019-10622 can apply once	to qdsp_cvp_callback correctly and incorrectly to qdsp_cvs_callback
      - CVE-2019-14104 can apply once to cam_context_handle_start/stop_dev and incorrectly to cam_context_handle_crm_process_evt and cam_context_handle_flush_dev
      
      Other notes:
      - CVE-2016-6693 can be applied again if it was already applied in combination with CVE-2016-6696
        then the dupe check will fail and mark CVE-2016-6696 as already applied, effectively reverting it.
        This was seemingly fixed with a hand merged patch in patch repo.
      
      Wrongly removed:
      - CVE-2013-2147 is meant for cciss_ioctl32_passthru but is detected in cciss_ioctl32_big_passthru
      - CVE-2015-8746 is meant for nfs_v4_2_minor_ops but is detected in nfs_v4_1_minor_ops
      - CVE-2021-Misc2/ANY/0043.patch is meant for WLANTL_RxCachedFrames but is detected in WLANTL_RxFrames
      
      Signed-off-by: Tad's avatarTad <tad@spotco.us>
      ac1e89f0
  30. 13 Jan, 2022 1 commit
  31. 11 Jan, 2022 1 commit
  32. 29 Dec, 2021 1 commit
  33. 11 Dec, 2021 1 commit
  34. 08 Dec, 2021 1 commit
  35. 06 Dec, 2021 1 commit
  36. 30 Nov, 2021 1 commit
    • Tad's avatar
      Guess what?... · c5c39985
      Tad authored
      
      Guess what? f̵͖̲̙̝̩̌̌̌̑͆̔͐̏͋̓̅̔̒̈́͠i̴͍̗̦͕̅̓̿͋̓̑̽͌͐͊͘͠͠s̵̡̬͙͚̃͑̓̊̌́̾́͠ḥ̴̬͓͚̹̱̰͕͚͈̞̳͒̊ ̵̢̟̞̖͈͖͕̥̙̤͉̮̍́̅̀̾b̵̛̹̝̙̖̱̲͉͚̝̪̲̓̿͛̔̆͋̎́͐̃͆̀̕͝u̸̞̺͓͎̰̦̯̘̺̬͔̬͆͛̋̍̂͒̓͛̐̈́̋̚͝ṫ̵̠t̶̻̳̜̪̗͖͛̂̒̃̑̏͝
      
      Tested on 14.1 and 15.1 targets
      
      Signed-off-by: Tad's avatarTad <tad@spotco.us>
      c5c39985
  37. 28 Nov, 2021 1 commit
    • Tad's avatar
      14.1: extreme loose versioning work · 7d54ee4b
      Tad authored
      
      
      This will apply 3.10 and 3.18 specific patches to 3.0
      Example of tuna 3.0 kernel:
      199 without loose versioning
      311 with loose versioning
      364 with extreme loose versioning
      
      Signed-off-by: Tad's avatarTad <tad@spotco.us>
      7d54ee4b
  38. 26 Nov, 2021 1 commit