diff --git a/.gitignore b/.gitignore
index e69de29..1ac0cc8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+SOURCES/kernel-3.10.0-1160.83.1.el7.src.rpm
+SOURCES/v0.9.2.tar.gz
diff --git a/.kpatch-patch-3_10_0-1160_83_1.metadata b/.kpatch-patch-3_10_0-1160_83_1.metadata
index e69de29..3ee1afd 100644
--- a/.kpatch-patch-3_10_0-1160_83_1.metadata
+++ b/.kpatch-patch-3_10_0-1160_83_1.metadata
@@ -0,0 +1,2 @@
+8e97a09204cfd6994c2e7ee68df086f16492f006 SOURCES/kernel-3.10.0-1160.83.1.el7.src.rpm
+c0878679129add77d6fff57093640892ad941155 SOURCES/v0.9.2.tar.gz
diff --git a/SOURCES/CVE-2022-4378.patch b/SOURCES/CVE-2022-4378.patch
new file mode 100644
index 0000000..d328f3a
--- /dev/null
+++ b/SOURCES/CVE-2022-4378.patch
@@ -0,0 +1,264 @@
+From 794229b5711a96a488d85dd719511a278b4a4956 Mon Sep 17 00:00:00 2001
+From: Ryan Sullivan <rysulliv@redhat.com>
+Date: Fri, 27 Jan 2023 11:25:43 -0500
+Subject: [KPATCH CVE-2022-4378] kpatch fixes for CVE-2022-4378
+
+
+Kpatch-MR: https://gitlab.com/redhat/prdsc/rhel/src/kpatch/rhel-7/-/merge_requests/51
+Approved-by: Yannick Cote (@ycote1)
+Approved-by: Joe Lawrence (@joe.lawrence)
+Kernels:
+3.10.0-1160.76.1.el7
+3.10.0-1160.80.1.el7
+3.10.0-1160.81.1.el7
+3.10.0-1160.83.1.el7
+
+Changes since last build:
+[x86_64]:
+sysctl.o: changed function: __do_proc_dointvec
+sysctl.o: changed function: __do_proc_douintvec
+sysctl.o: changed function: __do_proc_doulongvec_minmax
+sysctl.o: changed function: proc_dostring
+sysctl.o: changed function: proc_get_long.constprop.13
+
+[ppc64le]:
+sysctl.o: changed function: __do_proc_doulongvec_minmax
+sysctl.o: changed function: proc_do_cad_pid
+sysctl.o: changed function: proc_dointvec
+sysctl.o: changed function: proc_dointvec_jiffies
+sysctl.o: changed function: proc_dointvec_minmax
+sysctl.o: changed function: proc_dointvec_minmax_coredump
+sysctl.o: changed function: proc_dointvec_minmax_sysadmin
+sysctl.o: changed function: proc_dointvec_ms_jiffies
+sysctl.o: changed function: proc_dointvec_userhz_jiffies
+sysctl.o: changed function: proc_dopipe_max_size
+sysctl.o: changed function: proc_dostring
+sysctl.o: changed function: proc_dostring_coredump
+sysctl.o: changed function: proc_douintvec
+sysctl.o: changed function: proc_douintvec_minmax
+sysctl.o: changed function: proc_doulongvec_minmax
+sysctl.o: changed function: proc_doulongvec_ms_jiffies_minmax
+sysctl.o: changed function: proc_get_long.constprop.13
+sysctl.o: changed function: sysrq_sysctl_handler
+sysctl.o: new function: __do_proc_dointvec
+
+---------------------------
+
+Modifications:
+added '__attribute__((optimize("-fno-optimize-sibling-calls")))' to
+proc_dointvec_jiffies(), proc_dointvec_ms_jiffies(), proc_doulongvec_ms_jiffies_minmax(),
+proc_doulongvec_minmax(), proc_dointvec_userhz_jiffies(), and proc_dointvec() definitions.
+
+commit f4f6d6bf0cd6fc3d1b88341f784b2f7e8589ff61
+Author: Wander Lairson Costa <wander@redhat.com>
+Date:   Tue Dec 13 08:13:31 2022 -0300
+
+    proc: avoid integer type confusion in get_proc_long
+
+    Bugzilla: https://bugzilla.redhat.com/2152565
+    CVE: CVE-2022-4378
+
+    commit e6cfaf34be9fcd1a8285a294e18986bfc41a409c
+    Author: Linus Torvalds <torvalds@linux-foundation.org>
+    Date:   Mon Dec 5 11:33:40 2022 -0800
+
+        proc: avoid integer type confusion in get_proc_long
+
+        proc_get_long() is passed a size_t, but then assigns it to an 'int'
+        variable for the length.  Let's not do that, even if our IO paths are
+        limited to MAX_RW_COUNT (exactly because of these kinds of type errors).
+
+        So do the proper test in the rigth type.
+
+        Reported-by: Kyle Zeng <zengyhkyle@gmail.com>
+        Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+
+    Signed-off-by: Wander Lairson Costa <wander@redhat.com>
+
+commit c727ac3f665ed51c096edeedf039552cea6053f6
+Author: Wander Lairson Costa <wander@redhat.com>
+Date:   Tue Dec 13 08:12:23 2022 -0300
+
+    proc: proc_skip_spaces() shouldn't think it is working on C strings
+
+    Bugzilla: https://bugzilla.redhat.com/2152565
+    CVE: CVE-2022-4378
+
+    Conflicts: some context hunks because we are way behind upstream.
+
+    commit bce9332220bd677d83b19d21502776ad555a0e73
+    Author: Linus Torvalds <torvalds@linux-foundation.org>
+    Date:   Mon Dec 5 12:09:06 2022 -0800
+
+        proc: proc_skip_spaces() shouldn't think it is working on C strings
+
+        proc_skip_spaces() seems to think it is working on C strings, and ends
+        up being just a wrapper around skip_spaces() with a really odd calling
+        convention.
+
+        Instead of basing it on skip_spaces(), it should have looked more like
+        proc_skip_char(), which really is the exact same function (except it
+        skips a particular character, rather than whitespace).  So use that as
+        inspiration, odd coding and all.
+
+        Now the calling convention actually makes sense and works for the
+        intended purpose.
+
+        Reported-and-tested-by: Kyle Zeng <zengyhkyle@gmail.com>
+        Acked-by: Eric Dumazet <edumazet@google.com>
+        Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+
+    Signed-off-by: Wander Lairson Costa <wander@redhat.com>
+
+Signed-off-by: Ryan Sullivan <rysulliv@redhat.com>
+---
+ kernel/sysctl.c | 36 +++++++++++++++++++++---------------
+ 1 file changed, 21 insertions(+), 15 deletions(-)
+
+diff --git a/kernel/sysctl.c b/kernel/sysctl.c
+index 62e2788cf09a..6f7d80afda89 100644
+--- a/kernel/sysctl.c
++++ b/kernel/sysctl.c
+@@ -1999,13 +1999,14 @@ int proc_dostring(struct ctl_table *table, int write,
+ 			       (char __user *)buffer, lenp, ppos);
+ }
+ 
+-static size_t proc_skip_spaces(char **buf)
++static void proc_skip_spaces(char **buf, size_t *size)
+ {
+-	size_t ret;
+-	char *tmp = skip_spaces(*buf);
+-	ret = tmp - *buf;
+-	*buf = tmp;
+-	return ret;
++	while (*size) {
++		if (!isspace(**buf))
++			break;
++		(*size)--;
++		(*buf)++;
++	}
+ }
+ 
+ static void proc_skip_char(char **buf, size_t *size, const char v)
+@@ -2074,13 +2075,12 @@ static int proc_get_long(char **buf, size_t *size,
+ 			  unsigned long *val, bool *neg,
+ 			  const char *perm_tr, unsigned perm_tr_len, char *tr)
+ {
+-	int len;
+ 	char *p, tmp[TMPBUFLEN];
++	ssize_t len = *size;
+ 
+-	if (!*size)
++	if (len <= 0)
+ 		return -EINVAL;
+ 
+-	len = *size;
+ 	if (len > TMPBUFLEN - 1)
+ 		len = TMPBUFLEN - 1;
+ 
+@@ -2250,7 +2250,7 @@ static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
+ 		bool neg;
+ 
+ 		if (write) {
+-			left -= proc_skip_spaces(&kbuf);
++			proc_skip_spaces(&kbuf, &left);
+ 
+ 			if (!left)
+ 				break;
+@@ -2281,7 +2281,7 @@ static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
+ 	if (!write && !first && left && !err)
+ 		err = proc_put_char(&buffer, &left, '\n');
+ 	if (write && !err && left)
+-		left -= proc_skip_spaces(&kbuf);
++		proc_skip_spaces(&kbuf, &left);
+ free:
+ 	if (write) {
+ 		free_page(page);
+@@ -2331,7 +2331,7 @@ static int do_proc_douintvec_w(unsigned int *tbl_data,
+ 	if (IS_ERR(kbuf))
+ 		return -EINVAL;
+ 
+-	left -= proc_skip_spaces(&p);
++	proc_skip_spaces(&p, &left);
+ 	if (!left) {
+ 		err = -EINVAL;
+ 		goto out_free;
+@@ -2351,7 +2351,7 @@ static int do_proc_douintvec_w(unsigned int *tbl_data,
+ 	}
+ 
+ 	if (!err && left)
+-		left -= proc_skip_spaces(&p);
++		proc_skip_spaces(&p, &left);
+ 
+ out_free:
+ 	kfree(kbuf);
+@@ -2457,6 +2457,7 @@ static int do_proc_douintvec(struct ctl_table *table, int write,
+  *
+  * Returns 0 on success.
+  */
++__attribute__((optimize("-fno-optimize-sibling-calls")))
+ int proc_dointvec(struct ctl_table *table, int write,
+ 		     void __user *buffer, size_t *lenp, loff_t *ppos)
+ {
+@@ -2775,7 +2776,7 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int
+ 		if (write) {
+ 			bool neg;
+ 
+-			left -= proc_skip_spaces(&kbuf);
++			proc_skip_spaces(&kbuf, &left);
+ 
+ 			err = proc_get_long(&kbuf, &left, &val, &neg,
+ 					     proc_wspace_sep,
+@@ -2800,7 +2801,7 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int
+ 	if (!write && !first && left && !err)
+ 		err = proc_put_char(&buffer, &left, '\n');
+ 	if (write && !err)
+-		left -= proc_skip_spaces(&kbuf);
++		proc_skip_spaces(&kbuf, &left);
+ free:
+ 	if (write) {
+ 		free_page(page);
+@@ -2839,6 +2840,7 @@ static int do_proc_doulongvec_minmax(struct ctl_table *table, int write,
+  *
+  * Returns 0 on success.
+  */
++__attribute__((optimize("-fno-optimize-sibling-calls")))
+ int proc_doulongvec_minmax(struct ctl_table *table, int write,
+ 			   void __user *buffer, size_t *lenp, loff_t *ppos)
+ {
+@@ -2862,6 +2864,7 @@ int proc_doulongvec_minmax(struct ctl_table *table, int write,
+  *
+  * Returns 0 on success.
+  */
++__attribute__((optimize("-fno-optimize-sibling-calls")))
+ int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
+ 				      void __user *buffer,
+ 				      size_t *lenp, loff_t *ppos)
+@@ -2957,6 +2960,7 @@ static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp,
+  *
+  * Returns 0 on success.
+  */
++__attribute__((optimize("-fno-optimize-sibling-calls")))
+ int proc_dointvec_jiffies(struct ctl_table *table, int write,
+ 			  void __user *buffer, size_t *lenp, loff_t *ppos)
+ {
+@@ -2979,6 +2983,7 @@ int proc_dointvec_jiffies(struct ctl_table *table, int write,
+  *
+  * Returns 0 on success.
+  */
++__attribute__((optimize("-fno-optimize-sibling-calls")))
+ int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
+ 				 void __user *buffer, size_t *lenp, loff_t *ppos)
+ {
+@@ -3002,6 +3007,7 @@ int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
+  *
+  * Returns 0 on success.
+  */
++__attribute__((optimize("-fno-optimize-sibling-calls")))
+ int proc_dointvec_ms_jiffies(struct ctl_table *table, int write,
+ 			     void __user *buffer, size_t *lenp, loff_t *ppos)
+ {
+-- 
+2.39.1
+
+
diff --git a/SOURCES/v0.9.2-backport-MR-1200-Make-sure-section-symbols-ex.patch b/SOURCES/v0.9.2-backport-MR-1200-Make-sure-section-symbols-ex.patch
new file mode 100644
index 0000000..2aec990
--- /dev/null
+++ b/SOURCES/v0.9.2-backport-MR-1200-Make-sure-section-symbols-ex.patch
@@ -0,0 +1,83 @@
+From c1a07a5329c0b7db0ec54eea093e5d2d77735c06 Mon Sep 17 00:00:00 2001
+From: Joe Lawrence <joe.lawrence@redhat.com>
+Date: Fri, 9 Dec 2022 15:37:49 -0500
+Subject: [PATCH] v0.9.2 backport: MR!1200 ("Make sure section symbols exist")
+Content-type: text/plain
+
+commit 5622e3cc3d393fd77866b9838d16cd064de6fba5
+Author: Artem Savkov <asavkov@redhat.com>
+Date:   Fri Jun 18 10:59:26 2021 +0200
+
+    Make sure section symbols exist
+
+    Binutils recently became much more aggressive about removing unused
+    section symbols. Since we can not rely on those being available anymore
+    add additional checks before using them.
+
+    Fixes: #1193
+
+    Signed-off-by: Artem Savkov <asavkov@redhat.com>
+
+Fixes: KLP-216 ("Backport kpatch-build section symbol check")
+Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
+---
+ kpatch-build/create-diff-object.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/kpatch-build/create-diff-object.c b/kpatch-build/create-diff-object.c
+index c9afe33bbdae..94879b5fce6a 100644
+--- a/kpatch-build/create-diff-object.c
++++ b/kpatch-build/create-diff-object.c
+@@ -1241,7 +1241,8 @@ static void kpatch_correlate_static_local_variables(struct kpatch_elf *base,
+ 		if (bundled && sym->sec->twin) {
+ 			UNCORRELATE_ELEMENT(sym->sec);
+ 
+-			UNCORRELATE_ELEMENT(sym->sec->secsym);
++			if (sym->sec->secsym)
++				UNCORRELATE_ELEMENT(sym->sec->secsym);
+ 
+ 			if (sym->sec->rela)
+ 				UNCORRELATE_ELEMENT(sym->sec->rela);
+@@ -1744,7 +1745,7 @@ static int kpatch_include_callback_elements(struct kpatch_elf *kelf)
+ 			sym = rela->sym;
+ 			log_normal("found callback: %s\n",sym->name);
+ 			kpatch_include_symbol(sym);
+-		} else {
++		} else if (sec->secsym) {
+ 			sec->secsym->include = 1;
+ 		}
+ 	}
+@@ -1772,7 +1773,8 @@ static void kpatch_include_force_elements(struct kpatch_elf *kelf)
+ 			sec->include = 1;
+ 			if (!is_rela_section(sec)) {
+ 				/* .kpatch.force */
+-				sec->secsym->include = 1;
++				if (sec->secsym)
++					sec->secsym->include = 1;
+ 				continue;
+ 			}
+ 			/* .rela.kpatch.force */
+@@ -2381,7 +2383,8 @@ static void kpatch_regenerate_special_section(struct kpatch_elf *kelf,
+ 	sec->include = 1;
+ 	sec->base->include = 1;
+ 	/* include secsym so .kpatch.arch relas can point to section symbols */
+-	sec->base->secsym->include = 1;
++	if (sec->base->secsym)
++		sec->base->secsym->include = 1;
+ 
+ 	/*
+ 	 * Update text section data buf and size.
+@@ -2564,7 +2567,9 @@ static void kpatch_mark_ignored_sections(struct kpatch_elf *kelf)
+ 		 * from the section data comparison, but this is a simpler way.
+ 		 */
+ 		strsec->include = 1;
+-		strsec->secsym->include = 1;
++		if (strsec->secsym)
++			strsec->secsym->include = 1;
++
+ 		name = strsec->data->d_buf + rela->addend;
+ 		ignoresec = find_section_by_name(&kelf->sections, name);
+ 		if (!ignoresec)
+-- 
+2.38.1
+
diff --git a/SOURCES/v0.9.2-backport-MR-1281-create-diff-object-add-suppo.patch b/SOURCES/v0.9.2-backport-MR-1281-create-diff-object-add-suppo.patch
new file mode 100644
index 0000000..38ef70c
--- /dev/null
+++ b/SOURCES/v0.9.2-backport-MR-1281-create-diff-object-add-suppo.patch
@@ -0,0 +1,54 @@
+From d98f100dc979f87296ec88b63a0d506aaf4cd2bd Mon Sep 17 00:00:00 2001
+From: Joe Lawrence <joe.lawrence@redhat.com>
+Date: Thu, 8 Dec 2022 12:31:17 -0500
+Subject: [PATCH] v0.9.2 backport: MR!1281 ("create-diff-object: add support
+ for .return_sites section (x86)")
+Content-type: text/plain
+
+commit 33368a88cdf875b0edd02b0dfd3356a7e93b24db
+Author: Jonathan Dobson <jdobson@redhat.com>
+Date:   Sat Jul 16 15:46:54 2022 -0600
+
+    create-diff-object: add support for .return_sites section (x86)
+
+    Conflicts:
+    	kpatch-build/create-diff-object.c
+	- Manually apply patch to avoid diff context, v0.9.2 structure
+	  special_section structure doesn't have .arch
+
+Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
+---
+ kpatch-build/create-diff-object.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/kpatch-build/create-diff-object.c b/kpatch-build/create-diff-object.c
+index cee8adf333dc..c9afe33bbdae 100644
+--- a/kpatch-build/create-diff-object.c
++++ b/kpatch-build/create-diff-object.c
+@@ -1991,6 +1991,11 @@ static int altinstructions_group_size(struct kpatch_elf *kelf, int offset)
+ 	return size;
+ }
+ 
++static int return_sites_group_size(struct kpatch_elf *kelf, int offset)
++{
++	return 4;
++}
++
+ static int smp_locks_group_size(struct kpatch_elf *kelf, int offset)
+ {
+ 	return 4;
+@@ -2103,6 +2108,11 @@ static struct special_section special_sections[] = {
+ 		.name		= ".altinstructions",
+ 		.group_size	= altinstructions_group_size,
+ 	},
++	{
++		.name		= ".return_sites",
++		.group_size	= return_sites_group_size,
++	},
++
+ #endif
+ #ifdef __powerpc64__
+ 	{
+-- 
+2.38.1
+
diff --git a/SPECS/kpatch-patch.spec b/SPECS/kpatch-patch.spec
index 2a471e1..2bb6cd0 100644
--- a/SPECS/kpatch-patch.spec
+++ b/SPECS/kpatch-patch.spec
@@ -1,17 +1,18 @@
 # Set to 1 if building an empty subscription-only package.
-%define empty_package		1
+%define empty_package		0
 
 #######################################################
 # Only need to update these variables and the changelog
 %define kernel_ver	3.10.0-1160.83.1.el7
 %define kpatch_ver	0.9.2
-%define rpm_ver		0
-%define rpm_rel		0
+%define rpm_ver		1
+%define rpm_rel		1
 
 %if !%{empty_package}
 # Patch sources below. DO NOT REMOVE THIS LINE.
-Source100:		XXX.patch
-#Source101:		YYY.patch
+#
+# https://bugzilla.redhat.com/2152592
+Source100: CVE-2022-4378.patch
 # End of patch sources. DO NOT REMOVE THIS LINE.
 %endif
 
@@ -146,5 +147,8 @@ It is only a method to subscribe to the kpatch stream for kernel-%{kernel_ver}.
 %endif
 
 %changelog
+* Tue Feb 21 2023 Yannick Cote <ycote@redhat.com> [1-1.el7]
+- kernel: stack overflow in do_proc_dointvec and proc_skip_spaces [2152592] {CVE-2022-4378}
+
 * Tue Jan 10 2023 Yannick Cote <ycote@redhat.com> [0-0.el7]
 - An empty patch to subscribe to kpatch stream for kernel-3.10.0-1160.83.1.el7 [2159730]