net/mlx5e: fix a potential double-free in fs_any_create_groups

Bluetooth: Avoid potential use-after-free in hci_error_reset

net/mlx5: Properly link new fs rules into the tree

net: hns3: do not allow call hns3_nic_net_open repeatedly

net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context

xen-netfront: Add missing skb_mark_for_recycle

smb: client: fix UAF in smb2_reconnect_server()

crypto: qat - resolve race condition during AER recovery

crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak

epoll: be better about file lifetimes

mlxbf_gige: stop interface during shutdown

net: amd-xgbe: Fix skb data length underflow

dm: call the resume method on internal suspend

nfp: flower: handle acti_netdevs allocation failure

net/ipv6: avoid possible UAF in ip6_route_mpath_notify()

icmp: prevent possible NULL dereferences from icmp_build_probe()

can: j1939: j1939_netdev_start(): fix UAF for

Squashfs: check the inode number is not the invalid value of zero

scsi: libfc: Fix potential NULL pointer

scsi: lpfc: Move NPIV's transport unregistration to after resource clean up

block: add check that partition length needs to be aligned with block size

mlxbf_gige: stop PHY during open() error paths

mlxbf_gige: call request_irq() after NAPI initialized

scsi: lpfc: Release hbalock before calling

ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()

octeontx2: CVE patch is outside the scope.

eBPF: low score UAF with CONFIG_BPF_UNPRIV_DEFAULT_OFF=y by default but needs complex adaptation.

VFIO: Add the SPR_DSA and SPR_IAX devices to the

cifs: fix underflow in parse_server_interfaces()

wifi: rtl8xxxu: add cancel_work_sync() for

wifi: iwlwifi: dbg-tlv: ensure NUL termination

net: annotate data-races around

net: fix __dst_negative_advice() race

bonding: Fix out-of-bounds read in

wifi: cfg80211: check A-MSDU format more

net: netlink: af_netlink: Prevent empty skb by

wifi: ath10k: fix NULL pointer dereference in

platform/x86: wmi: remove unnecessary initializations

platform/x86: wmi: Fix opening of char device

phy: ti: phy-omap-usb2: Fix NULL pointer

netfilter: nft_chain_filter: handle

nfs: fix panic when nfs4_ff_layout_prepare_ds()

wifi: mt76: mt7925e: fix use-after-free in

netfilter: nf_tables: do not compare internal

ipv6: fix potential "struct net" leak in

i40e: fix vf may be used uninitialized in this

wifi: iwlwifi: read txq->read_ptr under lock

ipv6: Fix potential uninit-value access in __ip6_make_skb()

wifi: iwlwifi: mvm: guard against invalid STA ID on removal

net: do not leave a dangling sk pointer, when socket creation fails

netns: Make get_net_ns() handle zero refcount net

ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound

wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes

vt: fix unicode buffer corruption when deleting characters

eeprom: at24: fix memory corruption race condition

mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work

netfilter: nf_tables: flush pending destroy work before exit_net release

ice: fix memory corruption bug with suspend and rebuild

ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr

WiFi - Complex adaptation required.

ipv6: prevent possible NULL deref in fib6_nh_init()

tcp: Fix shift-out-of-bounds in dctcp_update_alpha().

tcp: Fix shift-out-of-bounds in dctcp_update_alpha().

net: openvswitch: fix overwriting ct original tuple for ICMPv6

igc: avoid returning frame twice in XDP_REDIRECT

wifi: brcmfmac: pcie: handle randbuf allocation failure

cxl/region: Fix cxlr_pmem leaks

net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool()

wifi: iwlwifi: mvm: don't set the MFP flag for the GTK

Out of scope: boot time issue

tls: fix missing memory barrier in tls_init

virtio: delete vq in vp_find_vqs_msix() when request_irq() fails

wifi: nl80211: don't free NULL coalescing rule

net: core: reject skb_copy(_expand) for fraglist GSO skbs

rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation

netfilter: nf_tables: honor table dormant flag from netdev release event path

Live-patching will introduce network performance degradation in the best case scenario, or even some more serious issues. N/A or Low cvss3 score from NVD or vendors.

ice: fix LAG and VF lock dependency in

scsi: qla2xxx: Fix off by one in

md/raid5: fix deadlock that raid5d() wait for

md/raid5: remove pr_debug() in raid5d()

netfilter: nf_tables: release mutex after

netfilter: nft_set_rbtree: skip end interval

netfilter: nf_tables: Fix potential data-race in

tap: add missing verification for short frame

tun: add missing verification for short frame

netfilter: nft_limit: reject configurations that cause integer overflow

net: bridge: xmit: make sure we have at least eth

tty: n_gsm: require CAP_NET_ADMIN to attach

CVE marked as rejected by vendor

netfilter: flowtable: validate pppoe header

netfilter: nf_tables: Fix potential data-race in

netfilter: validate user input for expected length

netfilter: complete validation of user input

netfilter: nf_tables: discard table flag update

netfilter: nf_tables: discard table flag update

cxl/port: Fix delete_endpoint() vs parent

vfio/pci: Lock external INTx masking ops

nvmet: fix a possible leak when destroy a ctrl

net: ice: Fix potential NULL pointer dereference

NFSv4: Fix memory leak in nfs4_set_security_label

udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().

net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx()

seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors

scsi: qedi: Fix crash while reading debugfs attribute

wifi: iwlwifi: mvm: don't read past the mfuart notifcation

wifi: iwlwifi: mvm: check n_ssids before accessing the ssids

wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()

wifi: cfg80211: Lock wiphy in cfg80211_get_station

net: wwan: iosm: Fix tainted pointer delete is case of region creation fail

ipv6: fix possible race in __fib6_drop_pcpu_from()

tipc: force a dst refcount before doing decryption

mm/huge_memory: don't unpoison huge_zero_folio

RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt

crypto: bcm - Fix pointer arithmetic

bnxt_re: avoid shift undefined behavior in

netfilter: nf_tables: Fix potential data-race in

net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args

net/mlx5e: Fix netif state handling

netfilter: bridge: confirm multicast packets

netfilter: bridge: confirm multicast packets kpatch

net: bridge: mst: fix vlan use-after-free

net: bridge: mst: fix vlan use-after-free

net: bridge: mst: fix vlan use-after-free

mm: cachestat: fix folio read-after-free in cache walk

PCI/MSI: Fix UAF in msi_capability_init

nvme: avoid double free special payload

net/sched: Fix UAF when resolving a clash

iommufd: Fix missing update of domains_itree after splitting iopt_area

mm: cachestat: fix two shmem bugs

nfsd: fix RELEASE_LOCKOWNER

kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address

mm/hugetlb: fix missing hugetlb_lock for resv

regmap: maple: Fix cache corruption in

This CVE introduces a regression and is reverted by CVE-2024-42102 in the same errata

efivarfs: force RO when remounting if SetVariable

efivarfs: force RO when remounting if SetVariable

KVM: SVM: Flush pages under kvm->lock to fix UAF

net: fix out-of-bounds access in ops_init

scsi: qedf: Ensure the copied buf is NUL

xhci: Handle TD clearing for multiple streams

cxl/region: Fix memregion leaks in devm_cxl_add_region()

ppp: reject claimed-as-LCP but actually malformed

Fix for skipped CVE-2023-52489 that modifies structure mem_section_usage only used at boot time

xdp: Remove WARN() from __xdp_reg_mem_model()

x86: stop playing stack games in profile_pc()

Reverts CVE-2024-26720, which we don't use.

mm: avoid overflows in dirty throttling logic

x86/coco: Require seeding RNG with RDRAND on CoCo

x86/coco: Require seeding RNG with RDRAND on CoCo

usb-storage: alauda: Check whether the media is initialized

usb-storage: alauda: Check whether the media is initialized (Adaptation)

uio: Fix use-after-free in uio_open

gfs2: Remove ill-placed consistency check

gfs2: simplify gdlm_put_lock with out_free label

gfs2: Fix potential glock use-after-free on unmount

gfs2: Fix potential glock use-after-free on unmount

scsi: qla2xxx: Fix double free of fcport

scsi: qla2xxx: Fix double free of the ha->vp_map pointer

fork: defer linking file vma until vma is fully initialized

wifi: nl80211: Avoid address calculations via out of bounds array indexing

wifi: mac80211: Avoid address calculations via out of bounds array indexing

tty: n_gsm: fix possible out-of-bounds in gsm0_receive()

cppc_cpufreq: Fix possible null pointer dereference

wifi: mt76: replace skb_put with skb_put_zero

cpufreq: exit() callback is optional

gpiolib: cdev: Fix use after free in lineinfo_changed_notify

bpf, sockmap: Prevent lock inversion deadlock in map delete elem

scsi: qla2xxx: Fix command flush on cable pull

ring-buffer: Fix a race between readers and resize checks

Input: cyapa - add missing input core locking to suspend/resume functions

ARM related CVE

ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."

KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes

net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket

net/sched: act_mirred: Create function tcf_mirred_to_dev and improve readability

net/sched: act_mirred: don't override retval if we already lost the skb

net: sched: sch_multiq: fix possible OOB write in multiq_tune()

tipc: Return non-zero value from tipc_udp_addr2str() on error

hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field

hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field

dmaengine: idxd: Fix oops during rmmod on single-CPU platforms

xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()

gfs2: Fix NULL pointer dereference in gfs2_log_flush

RFDS: Medium score vulnerability affecting only Intel Atom CPUs, mitigated via microcode update.

Revert "net/mlx5: Block entering switchdev mode with ns inconsistency"

netfilter: nft_flow_offload: reset dst in route object after setting up flow

mptcp: ensure snd_nxt is properly initialized on connect

KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked

Patched function sleeps in kthread.

netfilter: flowtable: initialise extack before use

netpoll: Fix race condition in netpoll_owner_active

af_unix: Fix garbage collector racing against connect()

xfs: don't walk off the end of a directory data block

xfs: add bounds checking to xlog_recover_process_data

net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

block: initialize integrity buffer to zero before writing it to media

ipv6: prevent possible NULL dereference in rt6_probe()

ext4: fold quota accounting into ext4_xattr_inode_lookup_create()

ext4: do not create EA inode under buffer lock

ext4: turn quotas off if mount failed after enabling quotas

ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()

wifi: mt76: mt7921s: fix potential hung tasks during chip recovery

blk-cgroup: fix list corruption from resetting io

net/mlx5e: Use a memory barrier to enforce PTP WQ

netfilter: nf_tables: use timestamp to check for

netfilter: nf_tables: use timestamp to check for

nvme: fix reconnection fail due to reserved tag

lib/test_hmm.c: handle src_pfns and dst_pfns

net: micrel: Fix receiving the timestamp in the

mm/vmscan: fix a bug calling wakeup_kswapd() with

tipc: fix UAF in error path

ethernet: hisilicon: hns: hns_dsaf_misc: fix a

octeontx2-af: avoid off-by-one read from

net: ena: Fix incorrect descriptor free behavior

vt: fix memory overlapping when deleting chars in

tcp: Use refcount_inc_not_zero() in

can: j1939: prevent deadlock by changing

can: j1939: prevent deadlock by changing

r8169: Fix possible ring buffer corruption on

net: hns3: fix use-after-free bug in

netfilter: tproxy: bail out if IP has been