CVE-2023-35829_scan.py
#!/bin/bash
# $t@$h
# FYI patch is here as of 11/27/2023:
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3228cec23b8b29215e18090c6ba635840190993d
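#######################################
# Look for the CVE-2023-35829 fix line in a kernel source tree.
#
# This is a text search only: a match shows that the line exists somewhere
# under the directory, not that the running kernel was built from that tree.
#
# Arguments: $1 - directory expected to hold kernel sources
# Outputs:   progress and result messages on stdout
# Returns:   0 if the fix line is present; 1 if the directory is missing,
#            the driver source is absent (inconclusive), or the line is
#            not found
#######################################
check_patch_in_kernel_source() {
  local kernel_source_dir=$1
  local patch_identifier="cancel_delayed_work_sync(&rkvdec->watchdog_work);"
  # The identifier references the rkvdec driver, so its source file is
  # expected to be named rkvdec.c (searched by name; location may differ
  # between kernel versions).
  local driver_file="rkvdec.c"
  local driver_hit

  if [[ ! -d "$kernel_source_dir" ]]; then
    echo "Kernel source directory not found at $kernel_source_dir."
    return 1
  fi

  echo "Checking kernel source at $kernel_source_dir for patch..."
  # -F: match the identifier as a literal string, not a regex.
  # --: keep the pattern from ever being parsed as an option.
  if grep -rqF -- "$patch_identifier" "$kernel_source_dir"; then
    echo "Patch for CVE-2023-35829 found in kernel source."
    return 0
  fi

  # A headers-only or partial tree contains no driver sources, so a missing
  # match there says nothing about the patch. Report that as inconclusive
  # instead of raising a "not found" alarm. -H follows a symlinked start
  # directory, which grep -r also does for command-line arguments. Errors
  # from unreadable subdirectories are discarded on purpose.
  driver_hit=$(find -H "$kernel_source_dir" -type f -name "$driver_file" \
    2>/dev/null | head -n 1)
  if [[ -z "$driver_hit" ]]; then
    echo "No $driver_file under $kernel_source_dir; cannot tell whether the CVE-2023-35829 patch is applied."
    return 1
  fi

  echo "Patch for CVE-2023-35829 not found in kernel source!!!"
  return 1
}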
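#######################################
# Numeric comparison of dotted kernel versions (major.minor.patch).
# Anything after the leading digits-and-dots prefix (e.g. "-generic",
# "-arch1-1") is ignored; missing components count as 0.
# Arguments: $1 - version to test, $2 - version to compare against
# Returns:   0 if $1 is strictly lower than $2, 1 otherwise
#######################################
version_lt() {
  local -a lhs rhs
  local i a b
  IFS=. read -r -a lhs <<<"${1%%[!0-9.]*}"
  IFS=. read -r -a rhs <<<"${2%%[!0-9.]*}"
  for i in 0 1 2; do
    a=${lhs[i]:-0}
    b=${rhs[i]:-0}
    # 10# forces base 10 so a component with a leading zero is not read as octal.
    if ((10#$a < 10#$b)); then return 0; fi
    if ((10#$a > 10#$b)); then return 1; fi
  done
  return 1
}

KERNEL_VERSION=$(uname -r)
FIXED_VERSION="6.3.2"
echo "Current Kernel Version: $KERNEL_VERSION"

# A string comparison ([[ a < b ]]) orders versions lexicographically, which
# ranks "6.10.0" below "6.3.2" and flags newer kernels as vulnerable. Compare
# the numeric components instead.
#
# The result is still only a heuristic: stable-branch and distribution
# kernels can carry a backported fix under a version lower than
# FIXED_VERSION, and the vendor's advisory is the authoritative answer.
# NOTE(review): the patch identifier refers to the rkvdec driver; a kernel
# built without that driver is presumably not exposed - confirm against the
# kernel config.
if version_lt "$KERNEL_VERSION" "$FIXED_VERSION"; then
  echo "Kernel version may be vulnerable to CVE-2023-35829!!! Consider updating."
else
  echo "Kernel version is likely not vulnerable to CVE-2023-35829."
fi

# Candidate locations for the sources or headers of the running kernel.
# NOTE(review): header-only directories normally hold no driver sources, so a
# "not found" result from them is likely inconclusive rather than evidence of
# a missing patch.
declare -a KERNEL_SOURCE_PATHS=(
  "/usr/src/linux-headers-$KERNEL_VERSION"
  "/usr/src/linux-$KERNEL_VERSION"
  "/lib/modules/$KERNEL_VERSION/build"
)

# Stop at the first location where the patch check succeeds.
for path in "${KERNEL_SOURCE_PATHS[@]}"; do
  if check_patch_in_kernel_source "$path"; then
    break
  fi
done

echo "Scan for CVE-2023-35829 complete. Update or patch if vulnerable."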