hardkernel / linux

Linux kernel source tree

Potentially Open CVEs #264

Open pmjdebruijn opened 7 years ago

pmjdebruijn commented 7 years ago

It's great to see that the Odroid C2 reference kernel is based on an LTS kernel (3.14), which has been kept up to date on subsequent LTS patch releases:

https://github.com/hardkernel/linux/tree/odroidc2-3.14.y

However, 3.14.x was end-of-lifed late last year: https://lkml.org/lkml/2016/9/11/28

So I guess it's "stuck" at 3.14.79 now, which isn't an immediate issue, aside from security issues patched after 3.14.79 (11 Sept 2016).

Since distros often maintain kernels past their kernel.org upstream end-of-life, I scoured the Ubuntu kernel tree for 14.04 which was based off 3.13:

http://changelogs.ubuntu.com/changelogs/pool/main/l/linux/linux_3.13.0-107.154/changelog

When relating their CVE listing to their kernel git tree:

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/log/

I did a quick check of whether they apply cleanly, indicated by GOOD or FAIL:

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=667a3da3f48db67014e6c4347fac028f08914197 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=1f4c0f24658167268e0b4bdb3165b4c579476d92 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=cedebd604c265fa9f3c527248fff9edbb4fd7e88 (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=478fe78e71f6c5e0da9073340e461dfc6a7d8c1c (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=ec6e9b9bd09d48bcda16bc13a05d2a4f7ddf92ad (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=7754e976a6a5c9b5a94fb0a76ed7ab12013898a3 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=5a3ea815dca57b428361797260eb2946f3b7d3d1 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=9f976125e4b507aba5dddb81a43db145453bb4a8 (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=50cba478b891a2e6133b86b5a6f36ca380c77ae8 (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=cb39aac00ad75d029775c6498ac34772f6012e47 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=5a3e9a734230234236ccb3aee702468ac028e2f0 (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=e2c1f8e1f68fdca0d8a8aa6c97e8feb5ee7b9853 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=4f5a2e753ace9d7d1d700ddf7bdb74c2a64c9e7f (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=1b3e63ec1bcbb5a45305efe595da170e19752967 (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=56de410a259d656e5bb0a9887f5cb0acaec16fc5 (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=082d4acb942927195b07bfd4f0c1b539a413c2c8 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=41f37acfac0faef3ca76cd6521a4c8ed5ab78c61 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=8ff60d12eaae2e901e4afdb3386a9f06736dfe39 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=63f0c5c6473627e233840854010f2c59d79d8f39 (FAIL)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=46de20e7d73508be3f62f2259c71dbd3509872df (GOOD)

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=f63ef34527cff1c39e82ceec126f2903f811c491 (FAIL)

Obviously a patch that applies cleanly does not imply the patch is therefore correct, and neither does an unclean apply mean the security issue doesn't exist.

A few are architecture specific, and thus probably not applicable, but I included them for completeness' sake.

I'm hoping you'd be willing to take a look at the above patches, and possibly import some of them if you deem them applicable.
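An added example, not part of the issue or of the hardkernel tree: one way to reproduce the GOOD/FAIL check from the comment above, assuming `git apply --check` as the dry-run (the issue does not say which tool was used). The `APPLIED` status, the `check_patch` and `make_demo` names and the one-file `demo.c` tree are constructed for illustration; the extra status separates fixes a tree already contains from real context mismatches.

```shell
#!/bin/sh
# Added example: classify patches against a kernel tree without modifying it.
# Assumption: `git apply --check` is the dry-run; the issue names no tool.

# check_patch TREE PATCH (absolute path) -> GOOD | APPLIED | FAIL
check_patch() {
    if git -C "$1" apply --check "$2" 2>/dev/null; then
        echo GOOD       # every hunk applies to the tree as it is
    elif git -C "$1" apply --check --reverse "$2" 2>/dev/null; then
        echo APPLIED    # the reverse applies: the tree already has the change
    else
        echo FAIL       # context differs: the fix needs a manual backport review
    fi
}

# Constructed sample input: a one-file tree plus two patches derived from it.
make_demo() {
    work=$(mktemp -d) && tree=$work/tree && mkdir "$tree" || return 1
    git -C "$tree" init -q
    printf 'int demo_len(int n)\n{\n    return n;\n}\n' > "$tree/demo.c"
    git -C "$tree" add demo.c
    # good.patch: a bounds check written against the code the tree really has
    printf 'int demo_len(int n)\n{\n    if (n < 0)\n        return 0;\n    return n;\n}\n' \
        > "$tree/demo.c"
    git -C "$tree" diff > "$work/good.patch"
    # fail.patch: the same fix, but its context line no longer matches the tree
    sed 's/return n;/return n + 1;/' "$work/good.patch" > "$work/fail.patch"
    # put the working file back to its original, unpatched content
    printf 'int demo_len(int n)\n{\n    return n;\n}\n' > "$tree/demo.c"
}

make_demo || exit 1
# Report in the same "(GOOD)" / "(FAIL)" style the issue uses.
for p in "$work"/*.patch; do
    printf '%s (%s)\n' "${p##*/}" "$(check_patch "$tree" "$p")"
done
```

A FAIL here only says the hunk context differs; whether the vulnerable code is present still has to be read from the source.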

pmjdebruijn commented 7 years ago

The following seem of particular relevance:

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=478fe78e71f6c5e0da9073340e461dfc6a7d8c1c

http://kernel.ubuntu.com/git/ubuntu/ubuntu-trusty.git/patch/?id=46de20e7d73508be3f62f2259c71dbd3509872df