net: tcp: fix 0 divide in __tcp_select_window()

rxrpc: Fix several cases where a padded len isn't checked in ticket decode

uwb: properly check kthread_run return value

ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor

USB: fix out-of-bounds in usb_set_configuration

USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()

dccp: fix use-after-free (CVE-2017-8824)

ALSA: pcm: prevent UAF in snd_pcm_info

KEYS: don't let add_key() update an uninstantiated key

RDS: Heap OOB write in rds_message_alloc_sgs()

N/A

HID: usbhid: fix out-of-bounds bug

cdc_ether driver: fix possible division by zero exception

Sanitize 'move_pages()' permission checks

media: imon: Fix null-ptr-deref in imon_probe

usb: usbtest: fix NULL pointer dereference

netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets

etfilter: nfnetlink_cthelper: Add missing permission checks

bluetooth: Validate socket address length in sco_sock_bind()

xfrm: policy: check policy direction value

dm: fix race between dm_get_from_kobject() and __dm_destroy()

mm/mempolicy.c: fix error handling in set_mempolicy and mbind

kernel/exit.c: avoid undefined behaviour when calling wait4()

kernel/signal.c: avoid undefined behaviour in kill_something_info

dccp: check sk for closed state in dccp_sendmsg()

sctp: verify size of a new chunk in _sctp_make_chunk()

drm: udl: Properly check framebuffer mmap offsets

MDS CPU Side-channel Attacks mitigation

binfmt_elf: switch to new creds when switching to new mm

fix NULL pointer dereference via crafted endpoint value for wacom input devices (adaptation like in aiptek, RHBUG - 1283377)

net: qmi_wwan: fix divide by 0 on bad descriptors

KEYS: encrypted: fix buffer overread in valid_master_desc()

USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data

fix buffer overflow in bluetooth hidp ioctl

[net] tcp: pass previous skb to tcp_shifted_skb()

[net] tcp: limit payload size of sacked skbs

[net] tcp: tcp_fragment() should apply sane memory limits

[net] tcp: add tcp_min_snd_mss sysctl

[net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

fix possible NULL pointer dereference via an ioctl (TUNSETIFF) with a dev name containing a / character

vmx_vcpu_run wrapper

Input: gtco - bounds check collection indent level

[x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations

ext4: fix data corruption caused by unaligned direct AIO

floppy: fix out-of-bounds read in copy_buffer

cx24116: fix a buffer overflow when checking userspace params

tcp: purge write queue in tcp_connect_init()

partially fix bypass of the "start time" protection mechanism while fork() (polkit should be updated >0.115)

USB: check usb_get_extra_descriptor for proper size

scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE

usb: misc: legousbtower: Fix NULL pointer deference

floppy: fix div-by-zero in setup_format_params

i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA

media: dvb: usb: fix use after free in dvb_usb_device_exit

media: cpia2_usb: first wake up, then free in disconnect

media: usb: zr364xx: fixed NULL pointer dereference in zr364xx_vidioc_querycap()

USB: sisusbvga: fix oops in error path of sisusb_probe

net: sit: fix memory leak in sit_init_net()

ieee802154: enforce CAP_NET_RAW for raw sockets

mISDN: enforce CAP_NET_RAW for raw sockets

fixed memory leak in drivers/scsi/libsas/sas_expander.c

media: b2c2-flexcop-usb: add sanity checking

add function ptr_to_id() in order not to leak kernel layout info

net: qlogic: Fix memory leak in ql_alloc_large_buffers

drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()

HID: hiddev: avoid opening a disconnected device

HID: Fix assumption that devices have inputs

brcmfmac: screening firmware event packet

ipv6: only static routes qualify for equal cost multipathing

mremap: properly flush TLB before releasing the page

USB: adutux: fix use-after-free on disconnect

USB: iowarrior: fix use-after-free on disconnect

USB: core: Fix races in character device registration and deregistraion

can: peak_usb: fix slab info leak

media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()

ALSA: core: Fix card races between register and disconnect

crypto: user - fix memory leak in crypto_report

media: rc: prevent memory leak in cx23888_ir_probe

af_packet: set defaule value for tmo

sunrpc: use-after-free in svc_process_common()

CVE-2018-16884 kpatch adaptation

vgacon: Fix for missing check in scrollback handling

scsi: libsas: stop discovering if oob mode is disconnected

mwifiex: Fix mem leak in mwifiex_tm_cmd

ath9k_htc: release allocated buffer if timed out

mm/hugetlb: fix a race between hugetlb sysctl handlers

GFS2: don't set rgrp gl_object until it's inserted into rgrp tree

USB: serial: io_ti: fix information leak in completion handler

USB: serial: omninet: fix reference leaks at open

ext4: fix potential negative array index in do_split()