Complex adaptation required. Low impact CVE.

usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core

Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg

net/rose: Fix Use-After-Free in rose_ioctl

nfc: nci: fix possible NULL pointer dereference in send_acknowledge()

io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid

netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval()

nvmet: nul-terminate the NQNs passed in the connect command

vhost: use kzalloc() instead of kmalloc() followed by memset()

padata: Fix refcnt handling in padata_free_shell()

mctp: perform route lookups under a RCU read-side lock

jfs: fix array-index-out-of-bounds in dbFindLeaf

netfilter: nf_tables: check if catch-all set element is active in next generation

netfilter: nf_tables: reject QUEUE/DROP verdict parameters

phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function

scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan()

ksmbd: destroy expired sessions

ksmbd: destroy expired sessions

uio: Fix use-after-free in uio_open

binder: fix use-after-free in shinker's callback

f2fs: fix to avoid dirent corruption

f2fs: explicitly null-terminate the xattr list

mtd: Fix gluebi NULL pointer dereference caused by ftl notifier

block: add check that partition length needs to be aligned with block size

EDAC/thunderx: Fix possible out-of-bounds string access

drivers/amd/pm: fix a use-after-free in kv_parse_power_table

btrfs: do not ASSERT() if the newly created subvolume already got read

Bluetooth: Fix atomicity violation in {min,max}_key_size_set

bpf: Fix re-attachment branch in bpf_tracing_prog_attach

ksmbd: fix racy issue under cocurrent smb2 tree disconnect

ksmbd: fix racy issue under cocurrent smb2 tree disconnect (adaptation)

ksmbd: fix out-of-bound read in deassemble_neg_contexts()

ksmbd: fix out-of-bound read in parse_lease_state()

ksmbd: fix out of bounds in init_smb2_rsp_hdr()

media: pvrusb2: fix use after free on context disconnection

ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()

powerpc/pseries/memhp: Fix access beyond end of drmem array

mlxsw: spectrum_acl_tcam: Fix stack corruption

bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS

xen-netback: don't produce zero-size SKB frags

ipv6: remove max_size check inline with ipv4

dm ioctl: log an error if the ioctl structure is corrupted

dm: limit the number of targets and parameter size area

apparmor: avoid crash when parsed profile name is empty

gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump

binder: ksmbd: add missing compound request handing in some commands

net: qualcomm: rmnet: fix global oob in rmnet_policy

net: qualcomm: rmnet: fix global oob in rmnet_policy

KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache

ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work

ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()

ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon()

ksmbd: validate session id and tree id in compound request

serial: imx: fix tx statemachine deadlock

serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed

nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length

nvmet-tcp: Fix the H2C expected PDU len calculation

nvmet-tcp: fix a crash in nvmet_req_complete()

bpf: fix check for attempt to corrupt spilled pointer

Complex adaptation required. Issue can be reproduced with special UEFI implementation only.

mfd: syscon: Fix null pointer dereference in of_syscon_register()

drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()

Complex adaptation required.

binder: fix race between mmput() and do_exit()

net/sched: act_ct: fix skb leak and crash on ooo frags

crypto: scomp - fix req->dst buffer overflow

netfilter: nft_set_rbtree: skip end interval element from gc

UBSAN: array-index-out-of-bounds in dtSplitRoot

jfs: fix uaf in jfs_evict_inode

Bluetooth: Add more enc key size check

ksmbd: fix UAF issue in ksmbd_tcp_new_connection()

ksmbd: fix UAF issue in ksmbd_tcp_new_connection() (adaptation)

FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree

jfs: fix array-index-out-of-bounds in diNewExt

KVM: s390: fix setting of fpc register

f2fs: fix to tag gcing flag on page during block migration

llc: call sock_orphan() at release time

powerpc/lib: Validate size for vector operations

jfs: fix array-index-out-of-bounds in dbAdjTree

i2c: i801: Fix block process call transactions

ksmbd: fix global oob in ksmbd_nl_policy

ksmbd: fix global oob in ksmbd_nl_policy (adaptation)

ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()

drm/amd/display: Implement bounds check for stream encoder

net/smc: fix illegal rmb_desc access in SMC-D connection dump

llc: make llc_ui_sendmsg() more robust against bonding

btrfs: don't abort filesystem when attempting to snapshot

scsi: core: Move scsi_host_busy() out of host lock for waking

tcp: add sanity checks to rx zerocopy

tipc: Check the bearer type before calling

binder: signal epoll threads of self-work

IB/ipoib: Fix mcast list locking

wifi: iwlwifi: fix a memory corruption

powerpc/mm: Fix null-pointer dereference in pgtable_cache_add

pstore/ram: Fix crash when setting number of cpus to an odd

s390/ptrace: handle setting of fpc register correctly

SUNRPC: Fix a suspicious RCU usage warning

ceph: fix deadlock or deadcode of misusing dget()

crypto: lib/mpi - Fix unexpected pointer access in

net: prevent mss overflow in skb_segment()

fs/ntfs3: Fix an NULL dereference bug

um: time-travel: fix time corruption

PM / devfreq: Synchronize devfreq_monitor_[start/stop]

net: openvswitch: limit the number of recursions from action sets

net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv

phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP

sched/membarrier: reduce the ability to hammer on sys_membarrier

can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock

can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (adaptation)

ext4: avoid online resizing failures due to oversized flex bg

ext4: avoid online resizing failures due to oversized flex bg

llc: Drop support for ETH_P_TR_802_2.

llc: Drop support for ETH_P_TR_802_2 (adaptation)

The modified structure mem_section_usage is used only during bootup time. As we patch the changes after booting they will have no effect. Therefore we cannot patch this CVE.

Power management subsystem - sleep mode. Irrelevant for servers.

wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()

wifi: rt2x00: restart beacon queue when hardware reset

firmware: arm_scmi: Check mailbox/SMT channel for consistency

PM / devfreq: Fix buffer overflow in trans_stat_show

hwrng: core - Fix page fault dead lock on mmap-ed hwrng

block/rnbd-srv: Check for unlikely string overflow

tracing: Ensure visibility when inserting an element into tracing_map

ppp_async: limit MRU to 64K

blk-mq: fix IO hang from sbitmap wakeup race

inet: read sk->sk_family once in inet_recv_error()

tunnels: fix out of bounds access when building IPv6 PMTU error

net: stmmac: xgmac: fix handling of DPP safety error for DMA channels

net: stmmac: xgmac: fix handling of DPP safety error for DMA channels

netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

hwmon: (coretemp) Fix out-of-bounds memory access

nilfs2: fix potential bug in end_buffer_async_write

af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC.

netfilter: nft_limit: reject configurations that cause integer overflow

usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend

crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked

ext4: fix double-free of blocks due to wrong extents moved_len

iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC

nilfs2: fix data corruption in dsync block recovery for small block sizes

nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()

ceph: prevent use-after-free in encode_cap_msg()

Do not support powerpc build with kasan sanitizer 4a7aee96200ad281a5cc4cf5c7a2e2a49d2b97b0

media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run

Complex adaptation required. Network services prevents update because sleeps in inet_csk_accept() function.

media: rc: bpf attach/detach requires write permission

iio: core: fix memleak in iio_device_register_sysfs

nfc: nci: free rx_data_reassembly skb on NCI device cleanup

mptcp: fix data re-injection from stale subflow

media: ir_toy: fix a memleak in irtoy_tx

tracing/trigger: Fix to return error if failed to alloc snapshot

Revert "drm/amd: flush any delayed gfxoff on suspend entry"

dmaengine: fix NULL pointer in channel unregistration

bus: mhi: host: Drop chan lock before queuing buffers

bus: mhi: host: Add alignment check for event ring read

netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for

drm: Don't unref the same fb many times by mistake due to

jfs: fix slab-out-of-bounds Read in dtSearch

HID: i2c-hid-of: fix NULL-deref on failed power up

HID: i2c-hid-of: fix NULL-deref on failed power up

mm/writeback: fix possible divide-by-zero in

kpatch add alt asm definitions

x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file

x86/bhi: Add support for clearing branch history at syscall entry

net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()

wifi: brcmfmac: Fix use-after-free bug in

tomoyo: fix UAF write bug in tomoyo_write_control()

wifi: mac80211: fix potential key use-after-free

smb: client: fix potential OOBs in

fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super

aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts

net/ipv6: avoid possible UAF in ip6_route_mpath_notify()

fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame()

fs/ntfs3: Fix oob in ntfs_listxattr

netfilter: nf_tables: disallow timeout for anonymous sets

drm/tegra: dsi: Add missing check for of_find_device_by_node

erofs: fix lz4 inplace decompression

wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is

pmdomain: mediatek: fix race conditions with genpd

NTB: fix possible name leak in ntb_register_device()

drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node

bpf: Fix stackmap overflow check on 32-bit arches

RDMA/mlx5: Fix fortify source warning while accessing Eth segment

x86, relocs: Ignore relocations in .notes section

ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()

bpf: Fix hashtab overflow check on 32-bit arches

bpf: Fix DEVMAP_HASH overflow check on 32-bit arches

EFI Firmware: CVE patch is for EFI firmware which runs at boot time.

octeontx2: CVE patch is outside the scope.

afs: Increase buffer size in afs_update_volume_status()

ipv6: sr: fix possible use-after-free and null-ptr-deref

xhci: process isoc TD properly when there was a transaction error mid TD.

xhci: process isoc TD properly when there was a transaction error mid TD.

xhci: handle isoc Babble and Buffer Overrun events properly

sr9800: Add check for usbnet_get_endpoints

x86/fpu: Stop relying on userspace for info to fault in xsave buffer

ext4: regenerate buddy after block freeing failed if under fc replay

Low-severity patch proven to suffer from stack-unsafety problem when patching during network load.

wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()

dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read

btrfs: dev-replace: properly validate device names

btrfs: fix double free of anonymous device after snapshot creation failure

gtp: fix use-after-free and null-ptr-deref in gtp_newlink()

RISCV arch not supported.

fbcon: always restore the old font data in fbcon_do_set_font()

Bluetooth: Avoid potential use-after-free in hci_error_reset

stmmac: Clear variable when destroying workqueue

net: veth: clear GRO when clearing XDP even when down

net: ip_tunnel: prevent perpetual headroom growth

netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter

netfilter: nft_set_pipapo: release elements in clone only from destroy path

ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down()

netfilter: flowtable: simplify route logic

netfilter: nft_flow_offload: release dst in case direct xmit path is used

netfilter: nft_flow_offload: reset dst in route object after setting up flow

efi/capsule-loader: fix incorrect allocation size

ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()

netrom: Fix data-races around sysctl_net_busy_read

usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs

wifi: nl80211: reject iftype change with mesh ID change

power: supply: bq27xxx-i2c: Do not free non existing IRQ

rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back

dmaengine: ti: edma: Add some null pointer checks to the

ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()

ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()

ext4: avoid dividing by 0 in mb_update_avg_fragment_size()

spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were

fbdev: sis: Error out if pixclock equals zero

fbdev: savage: Error out if pixclock equals zero

wifi: mac80211: fix race condition on enabling fast-xmit

mptcp: fix double-free on socket dismantle

STM32 arch is not supported. Low impact CVE.

NXP Layerscape SoCs affected only. Unable to fix early initialization.

NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102

quota: Fix potential NULL pointer dereference

cachefiles: fix memory leak in cachefiles_add_cache()

netfilter: nf_conntrack_h323: Add protection for bmp length

hsr: Fix uninit-value access in hsr_get_node()

net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()

Bluetooth: hci_core: Fix possible buffer overflow

do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak

x86/sev-es: Allow copy_from_kernel_nofault() in earlier boot

x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()

net/rds: fix WARNING in rds_conn_connect_if_down

spi: spi-mt65xx: Fix NULL pointer access in interrupt handler

f2fs: replace congestion_wait() calls with io_schedule_timeout()

f2fs: compress: fix to cover normal cluster write with cp_rwsem

clk: zynq: Prevent null pointer dereference caused by kmalloc failure

clk: Fix clk_core_get NULL dereference

clk: hisilicon: hi3559a: Fix an erroneous devm_kfree()

drm/amd/display: Fix potential NULL pointer dereferences in 'dcn10_set_output_transfer_func()'

drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'

nfp: flower: handle acti_netdevs allocation failure

net: phy: fix phy_get_internal_delay accessing an empty array

nvmet-fc: release reference on target port

nvmet-fc: avoid deadlock on delete association path

IB/hfi1: Fix sdma.h tx->num_descs off-by-one error

l2tp: pass correct message length to ip6_append_data

dm-crypt: don't modify the data when using authenticated

CVE targets a specific ARM processor.

usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable()

usb: roles: fix NULL pointer issue when put module's reference

usb: cdns3: fix memory double free when handle zero packet

RDMA/srpt: Support specifying the srpt_service_guid

RDMA/qedr: Fix qedr_create_user_qp error flow

fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio

fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio

Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security

Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security

media: edia: dvbdev: fix a use-after-free

cpumap: Zero-initialise xdp_rxq_info struct before running XDP program

wifi: iwlwifi: dbg-tlv: ensure NUL termination

media: tc358743: register v4l2 async device only after successful setup

f2fs: compress: fix reserve_cblocks counting error when out of space

net: ethernet: mtk_eth_soc: fix PPE hanging issue

drm/lima: fix a memleak in lima_heap_alloc

wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()

ALSA: usb-audio: Stop parsing channels bits when all channels are found.

scsi: target: core: Add TMF to tmr_list handling

IB/hfi1: Fix a memleak in init_credit_return

netfilter: nf_tables: set dormant flag on hook register failure

drm/amd/display: Fix memory leak in dm_sw_fini()

drm/amdgpu: Reset IH OVERFLOW_CLEAR bit

packet: annotate data-races around ignore_outgoing

RDMA/irdma: Fix KASAN issue with tasklet

Low-severity patch proven to suffer from stack-unsafety problem when patching during network load.

Low-severity patch proven to suffer from stack-unsafety problem when patching during network load.

net: sparx5: Fix use after free inside sparx5_del_mact_entry

net: ice: Fix potential NULL pointer dereference in

net: hns3: fix kernel crash when 1588 is received on HIP08 devices

dm: call the resume method on internal suspend

crypto: xilinx - call finalize with bh disabled

media: pvrusb2: fix uaf in pvr2_context_set_notify

drm/mediatek: Fix a null pointer crash in

RDMA/srpt: Do not register event handler until srpt device is fully setup

PCI: Make pci_dev_is_disconnected() helper public for other drivers

iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected

wireguard: receive: annotate data-race around receiving_counter.counter

net/bnx2x: Prevent access to a freed page in page_pool

cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's

wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work

wifi: wilc1000: fix RCU usage in connect path

Out of scope: IBM System/390 architecture isn't supported for current kernel

netfilter: nf_tables: do not compare internal table flags on

media: ttpci: fix two memleaks in budget_av_attach

media: go7007: fix a memleak in go7007_load_encoder

media: dvb-frontends: avoid stack overflow warnings with

media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak

media: v4l2-mem2mem: fix a memleak in

media: v4l2-tpg: fix some memleaks in tpg_alloc

SUNRPC: fix some memleaks in gssx_dec_option_array

arp: Prevent overflow in arp_req_get().

eBPF: low score UAF with CONFIG_BPF_UNPRIV_DEFAULT_OFF=y by default but needs complex adaptation.

VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist

WiFi - Complex adaptation required.

nvme-fc: do not wait in vain when unloading module

nvme-fc: do not wait in vain when unloading module

geneve: make sure to pull inner header in geneve_rx()

clk: meson: Add missing clocks to axg_clk_regmaps

clk: meson: Add missing clocks to axg_clk_regmaps

wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces

netfilter: nft_set_pipapo: do not free live element

netfilter: nf_tables: mark set as dead when unbinding

cifs: fix underflow in parse_server_interfaces()

Bluetooth: Fix TOCTOU in HCI debugfs implementation

USB: core: Fix deadlock in usb_deauthorize_interface()

md/raid5: fix atomicity violation in raid5_cache_count

af_unix: Do not use atomic ops for unix_sk(sk)->inflight

af_unix: Fix garbage collector racing against connect()

media: xc4000: Fix atomicity violation in xc4000_get_frequency

scsi: qla2xxx: Fix double free of fcport

drm/vmwgfx: Fix possible null pointer derefence with invalid contexts

netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()

netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()

netfilter: nf_tables: release batch on table validation from abort path

netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path

sysv: don't call sb_bread() with pointers_lock held

ubi: Check for too small LEB size in VTBL code

netfilter: nf_tables: disallow anonymous set with timeout flag

xen/events: close evtchn after mapping cleanup

amdkfd: use calloc instead of kzalloc to avoid integer overflow

tcp_close is sleepable and called from kthread, which may prevent patching and unpatchng.

tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc

nfsd: fix RELEASE_LOCKOWNER

nfsd: don't take fi_lock in nfsd_break_deleg_cb()

nfs: fix UAF in direct writes

nfs: fix UAF in direct writes

Out of scope: IBM System/390 architecture isn't supported for current kernel

nilfs2: fix failure to detect DAT corruption in btree and

nilfs2: prevent kernel bug at submit_bh_wbc()

wireguard: netlink: check for dangling peer via is_dead instead of empty list

wireguard: netlink: access device through ctx instead of peer

drm/i915/gt: Reset queue_priority_hint on parking

scsi: core: Fix unremoved procfs host directory regression

scsi: qla2xxx: Fix command flush on cable pull

crypto: qat - fix double free during reset (dependency)

crypto: qat - resolve race condition during AER recovery

mm: swap: fix race between free_swap_and_cache() and

pci_iounmap(): Fix MMIO mapping leak

KVM: Always flush async #PF workqueue when vCPU is being destroyed

fat: fix uninitialized field in nostale filehandles

usb: xhci: Add error handling in xhci_map_urb_for_dma

comedi: vmk80xx: fix incomplete endpoint checking

serial/pmac_zilog: Remove flawed mitigation for rx irq flood

usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error

speakup: Avoid crash on very long word

fs: sysfs: Fix reference leak in sysfs_break_active_protection()

arm64: hibernate: Fix level3 translation fault in swsusp_save()

Out of scope as the patch is for vmlinux init sections which are discarded after the boot

nouveau: fix instmem race condition around ptr stores

serial: mxs-auart: add spinlock around changing cts state

USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command

xen-netfront: Add missing skb_mark_for_recycle

netfilter: flowtable: incorrect pppoe tuple

tun: limit printing rate when illegal packet received by tun dev

Out of scope as the patch is for s390 arch only, x86_64 is not affected

drm: nv04: Fix out of bounds access

net: gtp: Fix Use-After-Free in gtp_dellink

net: openvswitch: Fix Use-After-Free in ovs_ct_exit

PCI: Drop pci_device_remove() test of pci_dev->driver (dependency)

PCI/PM: Drain runtime-idle callbacks before driver removal

soc: fsl: qbman: Always disable interrupts when taking cgr_lock

dm snapshot: fix lockup in dm_exception_table_exit

KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region()

wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes

net: ll_temac: platform_get_resource replaced by wrong function

drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag

vt: fix unicode buffer corruption when deleting characters

fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion

usb: udc: remove warning when queue disabled ep

btrfs: fix information leak in btrfs_ioctl_logical_to_ino()

irqchip/gic-v3-its: Prevent double free on error

of: dynamic: Synchronize of_changeset_destroy() with the devlink removals

Out of scope as the patch is for riscv arch only, x86_64 is not affected

mm/secretmem: fix GUP-fast succeeding on secretmem folios

x86/mm/pat: fix VM_PAT handling in COW mappings

icmp: prevent possible NULL dereferences from icmp_build_probe()

mlxsw: spectrum_acl_tcam: Fix possible use-after-free during

mlxsw: spectrum_acl_tcam: Fix possible use-after-free during

mlxsw: spectrum_acl_tcam: Fix memory leak during rehash

mlxsw: spectrum_acl_tcam: Fix memory leak when canceling

netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()

netfilter: validate user input for expected length

bpf, sockmap: Prevent lock inversion deadlock in map delete

net/sched: act_skbmod: prevent kernel-infoleak

erspan: make sure erspan_base_hdr is present in skb->head

ipv6: Fix infinite recursion in fib6_dump_done().

mlxbf_gige: stop interface during shutdown

gro: fix ownership transfer

iwlwifi: mvm: rfi: use kmemdup() to replace kzalloc + memcpy (dependency)

wifi: iwlwifi: mvm: rfi: fix potential response leaks

nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet

net/rds: fix possible cp null dereference

block: prevent division by zero in blk_rq_stat_sum()

fbmon: prevent division by zero in fb_videomode_from_videomode()

It is not possible to fix this vulnerability using kernel livepatching because it lies below the system call level.

Out of scope as the patch that introduces the vulnerability 2fbbd712baf1 (net: mana: Enable RX path to handle various MTU sizes) is missing from these kernels

VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()

VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler()

pstore/zone: Add a null pointer check to the psz_kmsg_read

btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()

btrfs: send: handle path ref underflow in header iterate_inode_ref()

net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()

Bluetooth: btintel: Fix null ptr deref in btintel_read_version

scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()

drm/client: Fully protect modes[] with dev->mode_config.mutex

wifi:ath11k, low score CVE that needs complex adaptation but decreasing MHI Bus' buf-len isn't a typical security fix.

batman-adv: Avoid infinite loop trying to resize local TT

Bluetooth: Fix memory leak in hci_req_sync_complete()

xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING

geneve: fix header validation in geneve[6]_xmit_skb

geneve: fix header validation in geneve[6]_xmit_skb

Complex adaptation required. Livepatching of this vulnerability can harm the network subsystem..

ipv6: fix race condition between ipv6_get_ifaddr and

net/mlx5: Properly link new fs rules into the tree

i2c: smbus: fix NULL function pointer dereference

Out of scope as the patch is for riscv arch only, x86_64 is not affected

ipv4: check for NULL idev in ip_route_use_hint()

mlxsw: spectrum_acl_tcam: Fix warning during rehash

mlxsw: spectrum_acl_tcam: Fix incorrect list API usage

netfilter: nf_tables: honor table dormant flag from netdev release event path

dma: xilinx_dpdma: Fix locking

dmaengine: idxd: Fix oops during rmmod on single-CPU platforms

HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up

binder: check offset alignment in binder_get_object()

vfio/pci: Lock external INTx masking ops

vfio/fsl-mc: Block calling interrupt handler without trigger

scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()

mmc: sdhci-msm: pervent access to suspended controller

vfio/pci: Disable auto-enable of exclusive INTx IRQ

mac802154: fix llsec key resources release in mac802154_llsec_key_del

mac802154: fix llsec key resources release in mac802154_llsec_key_del

ext4: fix corruption during on-line resize

KVM: x86: Mark target gfn of emulated atomic instruction as dirty

ubifs: Set page uptodate in the correct place

usb: gadget: ncm: Fix handling of zero block length packets

netfilter: nf_tables: flush pending destroy work before exit_net release

netfilter: nf_tables: discard table flag update with pending basechain deletion

Bluetooth: qca: fix NULL-deref on non-serdev suspend

drm/amdgpu: validate the parameters of bo mapping operations more clearly

mlxbf_gige: call request_irq() after NAPI initialized

bpf: Fix verification of indirect var-off stack access (dependency)

bpf: Protect against int overflow for stack access size

i40e: fix vf may be used uninitialized in this function warning

kprobes: Fix possible use-after-free issue on kprobe registration

tty: n_gsm: fix possible out-of-bounds in gsm0_receive()

ksmbd: fix potencial out-of-bounds when buffer offset is

smb: client: fix use-after-free bug in

Bluetooth: af_bluetooth: Fix deadlock

x86/sev: Harden #VC instruction emulation somewhat

x86/sev: Check for MWAITX and MONITORX opcodes in the #VC

netfilter: nft_set_pipapo: constify lookup fn args where

netfilter: nft_set_pipapo: walk over current view on netlink

netfilter: nf_tables: missing iterator type in lookup walk

ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf

ksmbd: validate request buffer size in

eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (dependency)

eeprom: at24: Use dev_err_probe for nvmem register failure (dependency)

eeprom: at24: fix memory corruption race condition

Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout

Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout

firewire: nosy: ensure user_length is taken into account when

dyndbg: fix old BUG_ON in >control parser

md: fix kmemleak of rdev->serial

KEYS: trusted: Fix memory leak in tpm2_key_encode()

KEYS: trusted: Do not use WARN when encode fails

remoteproc: mediatek: Make sure IPI buffer fits in L2TCM

net: fix out-of-bounds access in ops_init

tipc: fix UAF in error path

drm/vmwgfx: Fix invalid reads in fence signaled events

drm/amd/display: Fix division by zero in setup_dsc_config

ALSA: Fix deadlocks with kctl removals at disconnection

arm: arch is not supported

tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets

tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().

rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation

ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()

drm/amd/display: Atom Integrated System Info v2_2 for DCN35

mptcp: ensure snd_nxt is properly initialized on connect

Bluetooth: qca: add missing firmware sanity checks

s390: arch is not supported

bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue

bna: ensure the copied buf is NUL terminated

s390: arch is not supported

net: core: reject skb_copy(_expand) for fraglist GSO skbs

scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload

blk-iocost: avoid out of bounds shift

KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (dependency)

KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

wifi: nl80211: don't free NULL coalescing rule

pinctrl: core: delete incorrect free in pinctrl_enable()

ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()

tipc: fix a possible memleak in tipc_buf_append

scsi: lpfc: Move NPIV's transport unregistration to after resource clean up

firewire: ohci: mask bus reset interrupts between ISR and bottom half

qibfs: fix dentry leak

phonet: fix rtm_phonet_notify() skb allocation

octeontx2-af: avoid off-by-one read from userspace

fs/9p: only translate RWX permissions for plain 9P2000

drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()

nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().

pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()

Live-patching will introduce network performance degradation in the best case scenario, or even some more serious issues. N/A or Low cvss3 score from NVD or vendors.

Out of scope - related to SuperH

gfs2: Fix slab-use-after-free in gfs2_qd_dealloc

net: atlantic: Fix DMA mapping for PTP hwts ring

Fixed function sleeps and executed in kthread, which may prevent patching/unpatching. Low score CVE.

ipv6: prevent NULL dereference in ip6_output()

Out of scope: User-mode Linux isn't supported for current kernel

mmc: davinci: Don't strip remove function when driver is

tcp_metrics: validate source addr length

tcp_metrics: validate source addr length

net: sched: sch_multiq: fix possible OOB write in multiq_tune()

drm/amd/display: Fix potential index out of bounds in color transformation function

net/mlx5: Discard command completions in internal error

nilfs2: We cannot patch functions that sleep in kthread().

stm class: Fix a double free in stm_register_device()

kdb: Fix buffer overflow during tab-complete

greybus: Fix use-after-free bug in gb_interface_release due to race condition.

dma-mapping: benchmark: handle NUMA_NO_NODE correctly

Out of scope as the patch is for NFC/Android

net/dpaa2: Avoid explicit cpumask var allocation on stack

net/iucv: Avoid explicit cpumask var allocation on stack

nilfs2: add missing check for inode numbers on directory

BPF selftest fix, not a kernel code.

net: dsa: mv88e6xxx: Correct check for empty list

wifi: mt76: replace skb_put with skb_put_zero

drm/amdgpu: add error handle to avoid out-of-bounds

bonding: Fix out-of-bounds read in

net/sched: Fix UAF when resolving a clash

media: lgdt3306a: Add a check against null-pointer-def

Patched functions sleep and are called from a kthread. Trackpad suspend/resume fix.

net: can: j1939: enhanced error handling for tightly received

media: cec: cec-api: add locking in cec_release()

usb: gadget: printer: fix races against disable

genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU

ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound

f2fs: compress: don't allow unaligned truncation on released

f2fs: compress: fix to cover

dma-mapping: benchmark: fix node id validation

tls: fix missing memory barrier in tls_init

ppdev: Add an error check in register_device

Bluetooth: qca: fix info leak when fetching fw build id

drm/arm/malidp: fix a possible null pointer dereference

netfilter: tproxy: bail out if IP has been disabled on the device

usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete

netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()

drm: Check output polling initialized before disabling

drm: Check output polling initialized before disabling

Complex adaptation required. Livepatching of this vulnerability can harm the network subsystem.

scsi: qedf: Ensure the copied buf is NUL terminated

net: openvswitch: fix overwriting ct original tuple for ICMPv6

ASoC: kirkwood: Fix potential NULL dereference

drm/mediatek: Add 0 size check to mtk_drm_gem_obj

drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference

media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries

drm: vc4: Fix possible null pointer dereference

net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP

nilfs2: fix potential kernel bug due to lack of writeback

r8169: Fix possible ring buffer corruption on fragmented Tx packets.

nilfs2: fix unexpected freezing of nilfs_segctor_sync() (dependency)

nilfs2: fix potential hang in nilfs_detach_log_writer()

epoll: be better about file lifetimes

crypto: bcm - Fix pointer arithmetic

ecryptfs: Fix buffer size for tag 66 packet

cppc_cpufreq: Fix possible null pointer dereference

thermal/drivers/tsens: Fix null pointer dereference

scsi: bfa: Ensure the copied buf is NUL terminated

speakup: Fix sizeof() vs ARRAY_SIZE() bug

ring-buffer: Fix a race between readers and resize checks

jffs2: prevent xattr node from overflowing the eraseblock

af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg

RDMA/hns: Fix deadlock on SRQ async events.

RDMA/hns: Modify the print level of CQE error

ALSA: core: Fix NULL module pointer assignment at card init

macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"

Out of scope as the patch is for m68k arch only, x86_64, arm64 is not affected

Vulnerability affects OS during boot time and can't be closed via livepatching.

Patch changes global data size, which may lead to FS errors. Low-score CVE requires complex adaptation.

media: stk1160: fix bounds checking in stk1160_copy_video()

ALSA: timer: Set lower bound of start tick time

greybus: lights: check return of get_channel_from_mode

soundwire: cadence: fix invalid PDI offset

serial: max3100: Update uart_driver_registered on driver removal

dma-buf/sw-sync: don't enable IRQ from sync_print_obj()

enic: Validate length of nl attributes in enic_set_vf_port

bpf: Allow delete from sockmap/sockhash only if update is allowed

ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()

Out of scope as the patch is for s390 arch only, x86_64, arm64 is not affected

ipv6: sr: fix missing sk_buff release in seg6_input_core

ipv6: sr: fix memleak in seg6_hmac_init_algo

f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()

thermal/drivers/qcom/lmh: Check for SCM availability at probe

fbdev: savage: Handle err return when savagefb_check_var failed

net/9p: fix uninit-value in p9_client_rpc()

smb: client: fix deadlock in smb2_find_smb_tcon()

crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak

liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet

drm/komeda: check for error-valued pointer

drivers: core: synchronize really_probe() and dev_uevent()

vmci: prevent speculation leaks by sanitizing event in event_deliver()

HID: core: remove unnecessary WARN_ON() in implement()

wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()

wifi: cfg80211: Lock wiphy in cfg80211_get_station

wifi: iwlwifi: mvm: check n_ssids before accessing the ssids

bpf: Set run context for rawtp test_run callback

ipv6: fix possible race in __fib6_drop_pcpu_from()

USB: class: cdc-wdm: Fix CPU lockup caused by excessive log

scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory

wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects

wifi: iwlwifi: mvm: don't read past the mfuart notifcation

iommu: Return right value in iommu_sva_bind_device()

iommu: Return right value in iommu_sva_bind_device()

drm/exynos/vidi: fix memory leak in .get_modes()

ocfs2: fix races between hole punching and AIO+DIO

xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()

seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors

scsi: qedi: Fix crash while reading debugfs attribute

drm/lima: mask irqs in timeout path before hard reset

Out of scope as the patch is for powerpc arch only, x86_64 is not affected

f2fs: remove clear SB_INLINECRYPT flag in default_options

MIPS related CVE.

serial: imx: Introduce timeout when waiting on transmitter empty

Out of scope as the patch is for MIPS arch only, x86_64 is not affected

ipv6: prevent possible NULL deref in fib6_nh_init()

ipv6: prevent possible NULL dereference in rt6_probe()

crypto: hisilicon/sec - Fix memory leak for sec resource release

batman-adv: bypass empty buckets in batadv_purge_orig_ref()

tracing: Build event generation tests only as modules

tracing: Build event generation tests only as modules

tipc: force a dst refcount before doing decryption

ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs.

RDMA/mlx5: Add check for srq max_sge attribute

drm/radeon: fix UBSAN warning in kv_dpm.c

drm/amdgpu: fix UBSAN warning in kv_dpm.c

netpoll: Fix race condition in netpoll_owner_active

ppp: reject claimed-as-LCP but actually malformed packets

udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().

Fix userfaultfd_api to return EINVAL as expected

usb: atm: cxacru: fix endpoint checking in cxacru_bind()

drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes

drm/amdgpu: avoid using null object of framebuffer

drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes

The patch affects too much kernel code. Low impact CVE.

pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER

ASoC: fsl-asoc-card: set priv->pdev before using it

drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep

gpio: davinci: Validate the obtained number of IRQs

x86: stop playing stack games in profile_pc()

iio: chemical: bme680: Fix overflows in compensate() functions

ftruncate: pass a signed offset

crypto: ecdh - explicitly zeroize private_key

ALSA: emux: improve patch ioctl data validation

drm/amd/display: Check pipe offset before setting vblank

drm/amd/display: Skip finding free audio for unknown engine_id

jffs2: Fix potential illegal address access in jffs2_free_inode

drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes

drm/lima: fix shared irq handling on driver remove

scsi: qedf: Make qedf_execute_tmf() non-preemptible

Arch riscv is not supported.

mm: avoid overflows in dirty throttling logic

nvmet: fix a possible leak when destroy a ctrl during qp

nfc/nci: Add the inconsistency check between the input data length and count

crypto: aead,cipher - zeroize key buffer after use

media: dvb-frontends: tda10048: Fix integer overflow

s390 architecture related CVE.

usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()

libceph: fix race between delayed_work() and ceph_monc_stop()

wireguard: allowedips: avoid unaligned 64-bit memory accesses

net: fix __dst_negative_advice() race

filelock: fix potential use-after-free in posix_lock_inode

net: ethernet: lantiq_etop: fix double free in detach

jfs: xattr: fix buffer overflow for invalid xattr

block/ioctl: prefer different overflow check

netns: Make get_net_ns() handle zero refcount net

Applies to 32-bit systems only that we don't cover

dmaengine: idxd: Fix possible Use-After-Free in

net: do not leave a dangling sk pointer, when socket creation

drm/i915/gt: Fix potential UAF by revoke of fence registers

ata: libata-core: Fix double free on error

btrfs: zoned: fix use-after-free due to race with dev replace

drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

ima: Fix use-after-free on a dentry's dname.name

f2fs: check validation of fault attrs in

netfilter: nf_tables: restore set elements when delete set fails

rxrpc: Fix delayed ACKs to not set the reference serial number

rxrpc: Fix delayed ACKs to not set the reference serial number (Adaptation)

bpf: Fix overrunning reservations in ringbuf

bpf: Fix overrunning reservations in ringbuf (adaptation)

gfs2: Fix potential glock use-after-free on unmount

gfs2: Fix potential glock use-after-free on unmount

gfs2: Fix potential glock use-after-free on unmount

watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger

netem: fix return value if duplicate enqueue fails

ipv6: fix possible UAF in ip6_finish_output2()

ipv6: prevent UAF in ip6_send_skb()

atm: idt77252: prevent use after free in dequeue_rx()

Architecture is not supported

scsi: aacraid: Fix double-free on probe failure

drm/amdgpu: Fix out-of-bounds write warning

VMCI: Fix use-after-free when removing resource in vmci_resource_remove()

binder: fix UAF caused by offsets overwrite

Squashfs: sanity check symbolic link size

HID: amd_sfh: free driver_data after destroying hid device

hfsplus: fix uninit-value in copy_name

gtp: pull network headers in gtp_dev_xmit()

tap: add missing verification for short frame

tun: add missing verification for short frame

drm/amd/pm: fix the Out-of-bounds read warning

drm/amdgpu: fix ucode out-of-bounds read warning

um: line: always fill *error_out in setup_one_line()

drm/amdgpu: fix mc_data out-of-bounds read warning

exec: Fix ToCToU between perm check and set-uid/gid usage

drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number

HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup

of/irq: Prevent device address out-of-bounds read in interrupt map walk

netfilter: flowtable: validate vlan header

ax25: Fix reference count leak issues of ax25_dev

CVE patch is for RISCV arch only

scsi: core: Fix a use-after-free

scsi: core: Fix a use-after-free

net/sched: flower: Fix chain template offload

net/sched: flower: Fix chain template offload

nvme: avoid double free special payload

CVE patch is for powerpc arch only

tipc: Return non-zero value from tipc_udp_addr2str() on error

mISDN: Fix a use after free in hfcmulti_tx()

net/iucv: fix use after free in iucv_sock_close()

drm/amdkfd: don't allow mapping the MMIO HDP page with large pages

wifi: mac80211: Avoid address calculations via out of bounds array indexing

smack: tcp: ipv4, fix incorrect labeling

rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow

RDMA/iwcm: Fix a use-after-free related to destroying CM IDs

dev/parport: fix the array out-of-bounds risk

Patched function waits for external events, which may prevent patching/unpatching.

media: venus: fix use after free in vdec_close

jfs: Fix array-index-out-of-bounds in diFree

vhost/vsock: always initialize seqpacket_allow

vhost/vsock: always initialize seqpacket_allow

net: bridge: mcast: wait for previous gc cycles when removing port

mptcp: pm: avoid possible UaF when selecting endp

ipv6: prevent possible UAF in ip6_xmit()

ocfs2: add bounds checking to ocfs2_check_dir_entry()

jfs: don't walk off the end of ealist

fs/ntfs3: Validate ff offset

filelock: Remove locks reliably when fcntl/close race is detected

drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()

netfilter: nf_tables: prefer nft_chain_validate

drm/radeon: check bo_va->bo is non-NULL before using it

Bluetooth: hci_core: cancel all works upon hci_unregister_dev()

CVE patch is for powerpc arch only

CVE patch is for powerpc arch only

Out of scope as the patch is for s390 arch only, x86_64 is not affected

wifi: cfg80211: wext: add extra SIOCSIWSCAN data check

null_blk: fix validation of block size

btrfs: qgroup: fix quota root leak after quota disable failure

ila: block BH in ila_output()

ata: libata-core: Fix null pointer dereference on error

wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values

wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (Adaptation)

net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket

powerpc arch not supported.

drm/i915/gem: Fix Virtual Memory mapping boundaries calculation

bna: adjust 'name' buf size of bna_tcb and bna_ccb structures

ila: call nf_unregister_net_hooks() sooner

protect the fetch of ->fd[fd] in do_dup2() from mispredictions

RISCV arch not supported.

netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().

netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().

iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en

bpf: Fix a segment issue when downgrading gso_size

net: nexthop: Initialize all fields in dumped nexthops

f2fs: fix return value of f2fs_convert_inline_inode()

scsi: qla2xxx: Complete command early within lock

can: bcm: Remove proc entry when dev is unregistered.

f2fs: fix to don't dirty inode for readonly filesystem

fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed

kobject_uevent: Fix OOB access within zap_modalias_env()

scsi: qla2xxx: Fix for possible memory corruption