linuxKernel.kernels: remove CVE-2023-32233 patch from up-to-date kernels

2023-05-17 16:59:34 +01:00 · 2023-05-17 16:59:34 +01:00 · 1071529f67
commit 1071529f67
parent ba7e85bc98
1 changed files with 0 additions and 9 deletions
--- a/pkgs/top-level/linux-kernels.nix
+++ b/pkgs/top-level/linux-kernels.nix
@ -54,11 +54,6 @@ let
      };
      kernelPatches = kernel.kernelPatches ++ [
        kernelPatches.hardened.${kernel.meta.branch}
-      ] ++ lib.optionals (lib.versionAtLeast version "5.15") [
-        # Needed as long as hardened kernels are behind the first patch release
-        # containing the fix for CVE-2023-32233. Can most likely be removed after the
-        # next hardened kernel update.
-        kernelPatches.CVE-2023-32233
      ];
      isHardened = true;
  };
@ -120,7 +115,6 @@ in {
        [ kernelPatches.bridge_stp_helper
          kernelPatches.request_key_helper
          kernelPatches.modinst_arg_list_too_long
-          kernelPatches.CVE-2023-32233
        ];
    };

@ -129,7 +123,6 @@ in {
        kernelPatches.bridge_stp_helper
        kernelPatches.request_key_helper
        kernelPatches.rtl8761b_support
-        kernelPatches.CVE-2023-32233
      ];
    };

@ -145,7 +138,6 @@ in {
      kernelPatches = [
        kernelPatches.bridge_stp_helper
        kernelPatches.request_key_helper
-        kernelPatches.CVE-2023-32233
      ];
    };

@ -190,7 +182,6 @@ in {
        kernelPatches.make-maple-state-reusable-after-mas_empty_area
        kernelPatches.fix-em-ice-bonding
        kernelPatches.export-rt-sched-migrate
-        kernelPatches.CVE-2023-32233
      ];
    };