rxrpc: Fix several cases where a padded len isn't checked in ticket decode

mm: Tighten x86 /dev/mem with zeroing reads

xen-blkback: don't leak stack data via response ring

char: lp: fix possible integer overflow in lp_setup()

fs/exec.c: account for argv/envp pointers

ALSA: timer: Fix race between read and ioctl

ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT

ipv6: avoid overflow of offset in ip6_find_1stfragopt

mqueue: fix a use-after-free in sys_mq_notify()

packet: fix tp_reserve race in packet_set_ring

tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0

xfrm: policy: check policy direction value

xen: fix bio vec merging

Bluetooth: Properly check L2CAP config option output buffer length

kvm: nVMX: Don't allow L2 to access the hardware CR8

nl80211: check for the required netlink attributes presence

scsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly

video: fbdev: aty: do not leak uninitialized padding in clk to userspace

xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present

net: Fix exploitable memory corruption due to UFO to non-UFO path switch.

verify type of l2cap socket

add check if bnep socket is l2cap socket

use-after-free of ALSA usb-audio data

ext4: validate s_first_meta_bg at mount time

ext4: fix fencepost in s_first_meta_bg validation

dccp: CVE-2017-8824: use-after-free in DCCP code

saa7164: fix endian conversion in saa7164_bus_set()

saa7164: fix sparse warnings

saa7164: fix double fetch PCIe access condition

fix unbalanced page refcounting in bio_map_user_iov

mac80211: accept key reinstall without changing anything

scsi: qla2xxx: Fix an integer overflow in sysfs code

sctp: do not peel off an assoc from one netns to another one

ALSA: seq: Fix use-after-free at creating a port

KEYS: don't let add_key() update an uninstantiated key

packet: race condition in packet_bind

packet: hold bind lock when rebinding to fanout hook

packet: in packet_do_bind, test fanout with bind_lock held

USB: serial: console: fix use-after-free after failed setup

ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor

USB: fix out-of-bounds in usb_set_configuration

usb: usbtest: fix NULL pointer dereference

HID: usbhid: fix out-of-bounds bug

USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()

cx231xx-cards: fix NULL-deref on missing association descriptor

media: imon: Fix null-ptr-deref in imon_probe

Input: gtco - fix potential out-of-bound access

net: cdc_ether: fix divide by 0 on bad descriptors

ipsec: Fix aborted xfrm policy dump crash

KVM: VMX: remove I/O port 0x80 bypass on Intel hosts

memory corruption in USB core subsystem

Fix stack out-of-bounds read in write_mmio

crypto: salsa20 - fix blkcipher_walk API usage

add kernel page table isolation feature(aka KAISER)

kcpti: fix cpu hotplug crash

kcpti: ignore Xen PV guests

kcpti: map performance monitoring buffers

kcpti: align trampoline stack to 16

kcpti: free all shadow page table layers

kcpti: check present flag when removing global pte flag

kcpti: ignore AMD processors

kcpti: apply patch to Xen PV domains

kcpti: fix use after free

perf/hwbp: Simplify the perf-hwbp code, fix documentation

Restrict access to pagemap/kpageflags/kpagecount