How to collect CVE patches

Question

How to collect CVE patches

Opened this issue 5 years ago · 4 comments

How to collect CVE patches and categorize them by version？The links I found on the Internet are scattered and irregular.

Answer 1 · 2019-12-29T13:11:00.000Z

good question. I also want to know how to collect CVE patches by different version.

Answer 2 · 2019-12-29T14:31:51.000Z

I'm afraid there is no "good" way to do it without manual labor.
MITRE and the LKML are good resources for patchfiles, but I have yet to find a source that links CVEs to patchfiles, let alone files that apply to different kernel versions.

Surely companies like RedHat, SUSE, Canonical and others do have such trackers for internal use, but I'm not aware of any public ones.

Answer 3 · 2019-12-30T09:27:00.000Z

Yes, I have been looking for related tools.
There are some related discussions on LWN:
https://lwn.net/Articles/392293/
https://lwn.net/Articles/700530/

Answer 4 · 2020-09-27T20:47:13.000Z

Here is my list:
https://raw.githubusercontent.com/Divested-Mobile/kernel_patches/master/Kernel_CVE_Patch_List.txt

There is also the CIP project's excellent scripts:
https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec