fastos / fastsocket

Fastsocket is a highly scalable socket and its underlying networking implementation of Linux kernel. With the straight linear scalability, Fastsocket can provide extremely good performance in multicore machines. In addition, it is very easy to use and maintain. As a result, it has been deployed in the production environment of SINA.
GNU General Public License v2.0
3.76k stars, 727 forks

Security Vulnerability - Action Required: some unpatched vulnerabilities are detected in your repo #65

Open Crispy-fried-chicken opened 9 months ago

Crispy-fried-chicken commented 9 months ago

Hi, our team has developed a recurring-vulnerability detection tool. This tool mainly uses static analysis methods, and it has a high detection accuracy on our dataset. We have also received positive feedback from other projects before. We have scanned your fastsocket repository and found some vulnerabilities which were confirmed and fixed in Linux but have not been patched in this repo. Here are the details:

  1. inet_create and inet6_create functions from kernel/net/ipv4/af_inet.c and kernel/net/ipv6/af_inet6.c respectively, which are similar to CVE-2015-8543; the patch is https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9
  2. pipe_iov_copy_from_user and pipe_iov_copy_to_user functions from kernel/fs/pipe.c, which are similar to CVE-2015-1805; the patch is https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
  3. __mptctl_ioctl, mptctl_do_reset, mptctl_fw_download, mptctl_getiocinfo, mptctl_gettargetinfo, mptctl_readtest, mptctl_eventquery, mptctl_eventenable, mptctl_eventreport, mptctl_replace_fw, mptctl_mpt_command, mptctl_hp_hostinfo, mptctl_hp_targetinfo, compat_mptfwxfer_ioctl and compat_mpt_command functions from kernel/drivers/message/fusion/mptctl.c, which are similar to CVE-2020-12652; the patch is https://github.com/torvalds/linux/commit/28d76df18f0ad5bcf5fa48510b225f0ed262a99b
  4. sunkbd_interrupt function from kernel/net/ipv4/af_inet.c and kernel/drivers/input/keyboard/sunkbd.c, which is similar to CVE-2020-25669; the patch is https://github.com/torvalds/linux/commit/77e70d351db7de07a46ac49b87a6c3c7a60fca7e
  5. vgacon_scroll function from kernel/drivers/video/console/vgacon.c, which is similar to CVE-2020-28097; the patch is https://github.com/torvalds/linux/commit/973c096f6a85e5b5f2a295126ba6928d9a6afd45
  6. notify_change function from kernel/fs/attr.c, which is similar to CVE-2015-1350; the patch is https://github.com/torvalds/linux/commit/030b533c4fd4d2ec3402363323de4bb2983c9cee
  7. enable_nmi_window function from kernel/arch/x86/kvm/svm.c, which is similar to CVE-2015-8104; the patch is https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d
  8. isdn_ppp_ioctl, slhc_init and sl_alloc_bufs functions from kernel/drivers/isdn/i4l/isdn_ppp.c, kernel/drivers/net/slhc.c and kernel/drivers/net/slip.c respectively, which are similar to CVE-2015-7799; the patch is https://github.com/torvalds/linux/commit/4ab42d78e37a294ac7bc56901d563c642e03c4ae
  9. ext4_ext_split function from kernel/fs/ext4/extents.c, which is similar to CVE-2019-11833; the patch is https://github.com/torvalds/linux/commit/592acbf16821288ecdc4192c47e3774a4c48bb64
  10. snd_seq_client_enqueue_event, kernel_client_enqueue, snd_seq_fifo_event_in, snd_seq_cell_alloc and snd_seq_event_dup functions from kernel/sound/core/seq/seq_clientmgr.c, kernel/sound/core/seq/seq_fifo.c and kernel/sound/core/seq/seq_memory.c respectively, which are similar to CVE-2018-1000004; the patch is https://github.com/torvalds/linux/commit/7bd80091567789f1c0cb70eb4737aac8bcd2b6b9
  11. ext4_read_inode_bitmap and ext4_read_block_bitmap functions from kernel/fs/ext4/ialloc.c and kernel/fs/ext4/balloc.c respectively, which are similar to CVE-2018-1093; the patch is https://github.com/torvalds/linux/commit/7dac4a1726a9c64a517d595c40e95e2d0d135f6f
  12. ext4_mb_add_groupinfo and ext4_has_uninit_itable functions from kernel/fs/ext4/mballoc.c and kernel/fs/ext4/super.c respectively, which are similar to CVE-2018-10876; the patch is https://github.com/torvalds/linux/commit/8844618d8aa7a9973e7b527d038a2a589665002c
  13. __ext4_get_inode_loc function from kernel/fs/ext4/inode.c, which is similar to CVE-2018-10882; the patch is https://github.com/torvalds/linux/commit/c37e9e013469521d9adb932d17a1795c139b36db
  14. flush_ldt, init_new_context, alloc_ldt, copy_ldt and convert_ip_to_linear functions from kernel/arch/x86/kernel/ldt.c and kernel/arch/x86/kernel/step.c respectively, which are similar to CVE-2015-5157; the patch is https://github.com/torvalds/linux/commit/37868fe113ff2ba814b3b4eb12df214df555f8dc
  15. create_kthread function from kernel/kernel/kthread.c, which is similar to CVE-2012-4398; the patch is https://github.com/torvalds/linux/commit/786235eeba0e1e85e5cbbb9f97d1087ad03dfa21
  16. cypress_open function from kernel/drivers/usb/serial/cypress_m8.c, which is similar to CVE-2016-3137; the patch is https://github.com/torvalds/linux/commit/c55aee1bf0e6b6feec8b2927b43f7a09a6d5f754
  17. gru_handle_user_call_os and gru_check_context_placement functions from kernel/drivers/misc/sgi-gru/grufault.c and kernel/drivers/misc/sgi-gru/grumain.c respectively, which are similar to CVE-2022-3424; the patch is https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
  18. rose_start_idletimer function from kernel/net/rose/rose_timer.c, which is similar to CVE-2022-2318; the patch is https://github.com/torvalds/linux/commit/9cc02ede696272c5271a401e4f27c262359bc2f6
  19. ext4_xattr_ibody_find and ext3_xattr_ibody_find functions from kernel/fs/ext4/xattr.c and kernel/fs/ext3/xattr.c respectively, which are similar to CVE-2023-2513; the patch is https://github.com/torvalds/linux/commit/67d7d8ad99be
  20. fib6_rule_action function from kernel/net/ipv6/fib6_rules.c, which is similar to CVE-2023-3022; the patch is https://github.com/torvalds/linux/commit/a65120bae4b7

We have preliminarily verified the correctness of the above list through static analysis. Could you help check whether these bugs are real? If they are, please try to fix them, or I'd be glad to open a PR for that if necessary. Thank you for your effort and patience!