From 4a2a89d88aa5058741883a386f72a6a4b62dc893 Mon Sep 17 00:00:00 2001
From: Adam Joseph <adam@westernsemico.com>
Date: Wed, 19 Oct 2022 19:24:59 -0700
Subject: [PATCH] src/kernel: bump non-gru-kevin kernels for Linux wifi RCE

This bumps the kernel version on non-gru-kevin to 5.10.148, which
has fixes for the notorious Linux kernel wifi RCE exploits:
CVE-2022-41674, CVE-2022-42719, and CVE-2022-42720.
---
 src/kernel/default.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/kernel/default.nix b/src/kernel/default.nix
index 7ddff55..38bf993 100644
--- a/src/kernel/default.nix
+++ b/src/kernel/default.nix
@@ -8,13 +8,14 @@
 
 let
   inherit (nixpkgsOnBuildForHost) stdenv;
-  version = "5.4.209";
+  version = "5.4.218";
+  hash = "sha256-Pd10AoU31newwCsXz9+IH06933VVJsy5zX+Yg3Gp9Dg=";
 in stdenv.mkDerivation {
   pname = "linux";
   inherit version;
   src = nixpkgsOnBuildForBuild.fetchurl {
     url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
-    sha256 = "1kdnz99k7zspzaxqaxahbf6hncigy4cvjlb79jsy7a95qxxr31qf";
+    inherit hash;
   };
   enableParallelBuilding = true;
   prePatch = "patchShebangs scripts";