cgroup-v1: Require capabilities to set release_agent

Initialize registers to avoid stack leak into userspace.

lib/iov_iter: initialize "flags" in new pipe_buffer

lib/timerqueue: Rely on rbtree semantics for next timer

lib/timerqueue: Rely on rbtree semantics for next timer (adaptation)

hugetlbfs: flush TLBs correctly after huge_pmd_unshare

btrfs: unlock newly allocated extent buffer after error

drm/i915: Flush TLBs before releasing backing store

drm/i915: Flush TLBs before releasing backing store (kpatch adaptation)

stale file descriptors on failed usercopy

NFSv4: Handle case where the lookup of a directory fails

tipc: improve size validations for received domain records

udf: Restore i_lenAlloc when inode expansion fails

udf: Fix NULL ptr deref when converting from inline format

ipv4: avoid using shared IP generator for connected sockets

sr9700: sanity check for packet length

An introduction of required changes through KernelCare could cause unavoidable problems to applications which use unprivileged eBPF.

esp: Fix possible buffer overflow in ESP transformation

Not affected without certain conditions - Secure Boot, configured kgdb/kdb. Complex adaptation

memstick: rtsx_usb_ms: fix UAF

xen/grant-table: add gnttab_try_end_foreign_access()

xen/xenbus: don't let xenbus_grant_ring() remove grants in error case

xen/scsifront: don't use gnttab_query_foreign_access() for mapped status

xen/gntalloc: don't use gnttab_query_foreign_access()

xen/9p: use alloc/free_pages_exact()

ALSA: pcm: Fix races among concurrent read/write and buffer changes

ALSA: pcm: Fix races among concurrent prealloc proc writes

ALSA: pcm: Fix races among concurrent prepare and

ALSA: pcm: Fix races among concurrent hw_params and hw_free

N/A

x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data

floppy: use a statically allocated error counter

floppy: use a statically allocated error counter (kpatch adaptation)

net_sched: cls_route: remove from list when handle is 0

rds: copy_from_user only once per rds_sendmsg system call

scsi: target: Fix WRITE_SAME No Data Buffer crash

af_key: Do not call xfrm_probe_algs in parallel

media: em28xx: initialize refcount before kref_get

proc: avoid integer type confusion in get_proc_long

proc: proc_skip_spaces() shouldn't think it is working on C strings

scsi: stex: Properly zero out the passthrough command structure

mISDN: fix use-after-free bugs in l1oip timer handlers

mISDN: fix use-after-free bugs in l1oip timer handlers (adaptation)

ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC

tcp/udp: Fix memory leak in ipv6_renew_options()

Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()

Bluetooth: L2CAP: Fix attempting to access uninitialized memory

Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM

ipv6: raw: Deduct extension header length in rawv6_push_pending_frames

i2c: ismt: Fix an out-of-bounds bug in ismt_access()

nfp: fix use-after-free in area_cache_get()

net: sched: atm: dont intepret cls results when asked to drop

media: dvb-core: Fix UAF due to refcount races at releasing

Bluetooth: L2CAP: Fix u8 overflow

net: sched: disallow noqueue for qdisc classes

wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid

hv_netvsc: Add check for kvmalloc_array

vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF

rds: Fix lack of reentrancy for connection reset with dst addr zero

netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c

net/sched: sch_hfsc: Ensure inner classes have fsc curve

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease the stability and performance of the kernel, while vulnerability has a medium security impact and only for a certain hardware environment.

net: sched: fix race condition in qdisc_graft()

sched/rt: pick_next_rt_entity(): check list_entry

kobject: Fix slab-out-of-bounds in fill_kobj_path()

RDMA/irdma: Prevent zero-length STAG registration

netfilter: nf_tables: Reject tables of unsupported family

netfilter: nf_tables: reject QUEUE/DROP verdict parameters

net/mlx5e: drop shorter ethernet frames

stm class: Fix a double free in stm_register_device()

kdb: Fix buffer overflow during tab-complete

nilfs2: We cannot patch functions that sleep in kthread().

vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()

net: ethernet: lantiq_etop: fix double free in detach

tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets

jfs: xattr: fix buffer overflow for invalid xattr

net/iucv: Avoid explicit cpumask var allocation on stack

net: dsa: mv88e6xxx: Correct check for empty list

tcp_metrics: validate source addr length

tcp_metrics: validate source addr length

bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()

nilfs2: fix inode number range checks

nilfs2: add missing check for inode numbers on directory entries

VMCI: Fix use-after-free when removing resource in vmci_resource_remove()

ipv6: annotate some data-races around sk->sk_prot

ipv6: Fix data races around sk->sk_prot.

tcp: Fix data races around icsk->icsk_af_ops

nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors

USB composite function controllers related patch

USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages

HID: core: remove unnecessary WARN_ON() in implement()

usb-storage: alauda: Fix uninit-value in alauda_check_media()

usb-storage: alauda: Check whether the media is initialized

usb-storage: alauda: Check whether the media is initialized

SUNRPC: Fix RPC client cleaned up the freed pipefs dentries

media: dvb-frontends: tda10048: Fix integer overflow

s390 architecture related CVE.

ppp: ensure minimum packet size in ppp_write()

ppp: reject claimed-as-LCP but actually malformed packets

USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor

nilfs2 is not enabled

drm/radeon: fix UBSAN warning in kv_dpm.c

usb: atm: cxacru: fix endpoint checking in cxacru_bind()

x86: stop playing stack games in profile_pc()

drm/exynos/vidi: fix memory leak in .get_modes()

drivers: core: synchronize really_probe() and dev_uevent()

nilfs2 related patch

drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes

Patch is for ARM32, which KernelCare does not support.

usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()

vmci: prevent speculation leaks by sanitizing event in event_deliver()

pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER

libceph: fix race between delayed_work() and ceph_monc_stop()

drm/amdgpu: fix UBSAN warning in kv_dpm.c

jffs2: Fix potential illegal address access in jffs2_free_inode

scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory

wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()

wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects

ocfs2: fix races between hole punching and AIO+DIO

xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()

netrom: Fix a memory leak in nr_heartbeat_expiry()

ftruncate: pass a signed offset

ALSA: emux: improve patch ioctl data validation

orangefs: fix out-of-bounds fsid access

driver core: Fix uevent_show() vs driver detach race

ila: block BH in ila_output()

wifi: cfg80211: wext: add extra SIOCSIWSCAN data check

Out of scope as the patch is for s390 arch only, x86_64 is not affected

Bluetooth: hci_core: cancel all works upon hci_unregister_dev()

hfsplus: fix uninit-value in copy_name

ocfs2: add bounds checking to ocfs2_check_dir_entry()

jfs: don't walk off the end of ealist

exec: Fix ToCToU between perm check and set-uid/gid usage

net/iucv: fix use after free in iucv_sock_close()

media: venus: fix use after free in vdec_close

bna: adjust 'name' buf size of bna_tcb and bna_ccb structures

jfs: Fix array-index-out-of-bounds in diFree

scsi: aacraid: Fix double-free on probe failure

usb: dwc3: st: fix probed platform device ref count on probe error path

Squashfs: sanity check symbolic link size

hwmon: (w83627ehf) Fix underflows seen when writing limit attributes

RDMA/iwcm: Fix a use-after-free related to destroying CM IDs

RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency

RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency

USB: core: Add routines for endpoint checks in old drivers

usb: atm: cxacru: fix a flaw in existing endpoint checks

x86/xen: Add xenpv_restore_regs_and_return_to_usermode()

Restrict access to pagemap/kpageflags/kpagecount

N/A

perf: Fix sys_perf_event_open() race against self