tty: Fix ->pgrp locking in tiocspgrp()

tty: Fix ->session locking

mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start

Xen/x86: don't bail early from clear_foreign_p2m_mapping()

Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()

Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()

Xen/gntdev: correct error checking in gntdev_map_grant_pages()

xen-blkback: don't "handle" error by BUG()

xen-netback: don't "handle" error by BUG()

xen-scsiback: don't "handle" error by BUG()

xen-blkback: fix error handling in xen_blkbk_map()

ovl: pass correct flags for opening real directory

ovl: switch to mounter creds in readdir

ovl: verify permissions in ovl_path_open()

futex: Ensure the correct return value from futex_lock_pi

futex: Simplify fixup_pi_state_owner

futex: Replace pointless printk in fixup_owner

futex: Provide and use pi_state_update_owner

futex: Handle faults correctly for PI futexes

nbd: freeze the queue while we're adding connections

scsi: iscsi: Restrict sessions and handles to admin

scsi: iscsi: Verify lengths on passthrough PDUs

scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE

sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs (dependency)

Xen/gnttab: handle p2m update errors on a per-slot basis

bpf: Prohibit alu ops for pointer types not defining ptr_limit

bpf: Fix off-by-one for area size in creating mask to left

bpf: Simplify alu_limit masking for pointer arithmetic

bpf: Add sanity check for upper ptr_limit

ext4: handle error of ext4_setup_system_zone() on remount

perf/x86/intel: Fix a crash caused by zero PEBS status

btrfs: fix race when cloning extent buffer during rewind of an old

netfilter: x_tables: make xt_replace_table wait until old

netfilter: x_tables: Use correct memory barriers.

xen-blkback: don't leak persistent grants from xen_blkbk_map()

bpf, x86: Validate computation of branch displacements for x86-64

IBM Power9 is unsupported

dm ioctl: fix out of bounds array access when no devices

netfilter: x_tables: fix compat match/target pad out-of-bound write

sctp: delay auto_asconf init until binding the first addr

race condition for removal of the HCI controller.

Bluetooth: verify AMP hci_chan before amp_destroy

Bluetooth: verify AMP hci_chan before amp_destroy (kcare adaptation)

net: mac802154: Fix general protection fault

cipso,calipso: resolve a number of problems with the DOI refcounts

seq_file: Disallow extremely large seq buffer allocations

net/mlx4: Fix EEPROM dump support

Out of scope as the patch is for NFC/Android

Out of scope as the patch is for NFC/Android

Out of scope as the patch is for NFC/Android

KVM: nSVM: do not change host intercepts while nested VM is running (CVE-2021-3656 dependency)

KVM: nSVM: always intercept VMLOAD/VMSAVE when nested

KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl

KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (adaptation)

can: bcm: fix infoleak in struct bcm_msg_head

Input: joydev - prevent use of not validated data in JSIOCSBTNMAP

Out of scope as the patch is for NFC/Android

mac80211: assure all fragments are encrypted

mac80211: add fragment cache to sta_info

mac80211: prevent mixed key and fragment cache attacks

mac80211: prevent mixed key and fragment cache attacks

mac80211: prevent mixed key and fragment cache attacks

mac80211: prevent mixed key and fragment cache attacks

mac80211: prevent mixed key and fragment cache attacks

cfg80211: mitigate A-MSDU aggregation attacks

can: bcm: delay release of struct bcm_op after synchronize_rcu

KVM: do not allow mapping valid but non-reference-counted pages

Bluetooth: fix the erroneous flush_work() order

Bluetooth: use correct lock to prevent UAF of hdev object

sctp: validate from_addr_param return

sctp: add size validation when walking chunks

virtio_console: Assure used length from device is limited

tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.

ext4: fix race writing to an inline_data file while its

fuse: fix bad inode

fuse: fix live lock in fuse_iget()

af_unix: fix garbage collect vs MSG_PEEK

af_unix: fix garbage collect vs MSG_PEEK (adaptation)

fs: add fget_many() and fput_many() (dependency)

fget: check that the fd still exists after getting a ref to

xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like

cgroup-v1: Require capabilities to set release_agent

Initialize registers to avoid stack leak into userspace.

lib/iov_iter: initialize "flags" in new pipe_buffer

lib/timerqueue: Rely on rbtree semantics for next timer

lib/timerqueue: Rely on rbtree semantics for next timer (adaptation)

hugetlbfs: flush TLBs correctly after huge_pmd_unshare

btrfs: unlock newly allocated extent buffer after error

drm/i915: Flush TLBs before releasing backing store

drm/i915: Flush TLBs before releasing backing store (kpatch adaptation)

stale file descriptors on failed usercopy

NFSv4: Handle case where the lookup of a directory fails

tipc: improve size validations for received domain records

udf: Restore i_lenAlloc when inode expansion fails

udf: Fix NULL ptr deref when converting from inline format

ipv4: avoid using shared IP generator for connected sockets

sr9700: sanity check for packet length

An introduction of required changes through KernelCare could cause unavoidable problems to applications which use unprivileged eBPF.

esp: Fix possible buffer overflow in ESP transformation

NFSv4: Initialise connection to the server in nfs4_alloc_client()

Not affected without certain conditions - Secure Boot, configured kgdb/kdb. Complex adaptation

memstick: rtsx_usb_ms: fix UAF

xen/grant-table: add gnttab_try_end_foreign_access()

xen/xenbus: Fix granting of vmalloc'd memory

xen/xenbus: don't let xenbus_grant_ring() remove grants in error case

xen/scsifront: don't use gnttab_query_foreign_access() for mapped status

xen/gntalloc: don't use gnttab_query_foreign_access()

xen/9p: use alloc/free_pages_exact()

ALSA: pcm: Fix races among concurrent read/write and buffer changes

ALSA: pcm: Fix races among concurrent prealloc proc writes

ALSA: pcm: Fix races among concurrent prepare and

ALSA: pcm: Fix races among concurrent hw_params and hw_free

N/A

x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data

floppy: use a statically allocated error counter

floppy: use a statically allocated error counter (kpatch adaptation)

net_sched: cls_route: remove from list when handle is 0

rds: copy_from_user only once per rds_sendmsg system call

scsi: target: Fix protect handling in WRITE SAME(32)

scsi: target: Fix WRITE_SAME No Data Buffer crash

af_key: Do not call xfrm_probe_algs in parallel

media: em28xx: initialize refcount before kref_get

proc: avoid integer type confusion in get_proc_long

proc: proc_skip_spaces() shouldn't think it is working on C strings

scsi: stex: Properly zero out the passthrough command structure

mISDN: fix use-after-free bugs in l1oip timer handlers

mISDN: fix use-after-free bugs in l1oip timer handlers (adaptation)

ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC

tcp/udp: Fix memory leak in ipv6_renew_options()

Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()

Bluetooth: L2CAP: Fix attempting to access uninitialized memory

Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM

ipv6: raw: Deduct extension header length in rawv6_push_pending_frames

i2c: ismt: Fix an out-of-bounds bug in ismt_access()

nfp: fix use-after-free in area_cache_get()

net: sched: atm: dont intepret cls results when asked to drop

media: dvb-core: Fix UAF due to refcount races at releasing

Bluetooth: L2CAP: Fix u8 overflow

net: sched: disallow noqueue for qdisc classes

wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid

hv_netvsc: Add check for kvmalloc_array

vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF

rds: Fix lack of reentrancy for connection reset with dst addr zero

netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c

net/sched: sch_hfsc: Ensure inner classes have fsc curve

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease the stability and performance of the kernel, while vulnerability has a medium security impact and only for a certain hardware environment.

net: sched: fix race condition in qdisc_graft()

sched/rt: pick_next_rt_entity(): check list_entry

kobject: Fix slab-out-of-bounds in fill_kobj_path()

RDMA/irdma: Prevent zero-length STAG registration

netfilter: nf_tables: Reject tables of unsupported family

netfilter: nf_tables: reject QUEUE/DROP verdict parameters

net/mlx5e: drop shorter ethernet frames

x86/xen: Add xenpv_restore_regs_and_return_to_usermode()

Restrict access to pagemap/kpageflags/kpagecount

N/A

perf: Fix sys_perf_event_open() race against self