KEYS: Fix race between key destruction and finding a keyring by name

KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring

KEYS: Don't permit request_key() to construct a new keyring

veth: don't modify ip_summed; doing so treats packets with bad checksums as good

KEYS: Fix ASN.1 indefinite length object parsing

IB/security: Restrict use of the write() interface

sctp: Prevent soft lockup when sctp_accept() is called during a timeout event

ovl: fix permission checking for setattr

KEYS: potential uninitialized variable

udp: properly support MSG_PEEK with truncated buffers

tcp: make challenge acks less predictable

tcp: make challenge acks less predictable

netfilter: x_tables: validate e->target_offset early

netfilter: x_tables: make sure e->next_offset covers remaining blob size

netfilter: x_tables: fix unconditional helper

netfilter: x_tables: check for bogus target offset

[net] add recursion limit to GRO

mm: remove gup_flags FOLL_WRITE games from __get_user_pages()

fs/pnode.c: treat zero mnt_group_id-s as unequal

propogate_mnt: Handle the first propogated copy being a slave

HID: hiddev: validate num_values for HIDIOCGUSAGES,HIDIOCSUSAGES commands

Btrfs: fix truncation of compressed and inlined extents

Btrfs: fix truncation of compressed and inlined extents

iw_cxgb3: Fix incorrectly returning error on success

Bluetooth: Fix potential NULL dereference in RFCOMM bind callback

ASN.1: Fix non-match detection failure on data overrun

x86/mm: Add barriers and document switch_mm()-vs-flush synchronization

ALSA: usb-audio: avoid freeing umidi object twice

ipv4: Don't do expensive useless work during inetdev destroy.

atl2: Disable unimplemented scatter/gather feature

atl2: Disable unimplemented scatter/gather feature (kpatch adaptation)

ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS

ALSA: timer: Fix leak in events via snd_timer_user_ccallback

ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt

IB/srpt: Simplify srpt_handle_tsk_mgmt()

aacraid: Check size values after double-fetch from user

packet: missing dev_put() in packet_do_bind()

packet: race condition in packet_bind

ALSA: rawmidi: Change resized buffers atomically

N/A

net: Fix use after free in the recvmmsg exit path

tcp: fix use after free in tcp_xmit_retransmit_queue()

sctp: validate chunk len before actually using it

dccp: fix freeing skb too early for IPV6_RECVPKTINFO

kvm: x86: Check memopp before dereference

vfio/pci: Fix integer overflows, bitmask check

packet: fix race condition in packet_set_ring

tty: n_hdlc: get rid of racy n_hdlc.tbuf

mpi: Fix NULL ptr dereference in mpi_powm

net: avoid signed overflows for SO_{SND|RCV}BUFFORCE

selinux: fix off-by-one in setprocattr

kernel: Null pointer dereference in search_keyring

block: fix use-after-free in seq file

crypto: algif_hash - Only export and import on sockets with data

ext4: validate s_first_meta_bg at mount time

net/packet: fix overflow in check for priv area size, tp_frame_nr, tp_reserve

sctp: avoid BUG_ON on sctp_wait_for_sndbuf

mm: enlarge stack guard gap

nfsd: stricter decoding of write-like NFSv2/v3 ops

KVM: x86: fix emulation of "MOV SS, null selector"

nfsd: check for oversized NFSv2/v3 arguments

tcp: avoid infinite loop in tcp_splice_read()

fs/binfmt_elf.c: fix bug in loading of PIE binaries

l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind()

nfsd: encoders mustn't use unitialized values in error cases

KEYS: Fix short sprintf buffer in /proc/keys show function

[net] netlink: Fix dump skb leak/double free

[scsi] sg_write()/bsg_write() is not fit to be called under KERNEL_DS

[include] crypto: api - prevent helper ciphers from being used

[crypto] mcryptd - process CRYPTO_ALG_INTERNAL

[crypto] mcryptd - Check mcryptd algorithm compatibility

[x86] kvm: fix page struct leak in handle_vmon

[net] ping: implement proper locking

[net] ipv4: keep skb->dst around in presence of IP options

[scsi] sg: check length passed to SG_NEXT_CMD_LEN

[mm] mempolicy.c: fix error handling in set_mempolicy and mbind

[x86] mm: Tighten x86 /dev/mem with zeroing reads

[net] tcp: do not inherit fastopen_req from parent

[net] ipv6/dccp: do not inherit ipv6_mc_list from parent

[net] tcp: do not inherit fastopen_req from parent

[net] sctp: do not inherit ipv6_{mc|ac|fl}_list from parent

[net] ipv6: Prevent overrun when parsing v6 header options

[net] ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt()

[net] ipv6: Check ip6_find_1stfragopt() return value properly

[net] ipv6: Fix leak in ipv6_gso_segment()

[fs] mnt: Prevent pivot_root from creating a loop in the mount tree

[fs] Add a missing permission check to do_umount

[security] keys: Disallow keyrings beginning with '.' to be joined as session keyrings

[fs] xfs: fix two memory leaks in xfs_attr_list.c error paths

[x86] kvm: nvmx: Allow L1 to intercept software exceptions (#BP and #OF)

RDS: verify the underlying transport exists before creating a connection

RDS: fix race condition when sending a message on unbound socket

perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race

ext4: validate that metadata blocks do not overlap superblock

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Bluetooth: Properly check L2CAP config option output buffer length

xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window

xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder

udp: consistently apply ufo or fragmentation

net-packet: fix race in packet_set_ring on PACKET_RESERVE

ipc: mqueue: fix a use-after-free in sys_mq_notify()

net: ping: check minimum size on ICMP header length

net: ipv6: avoid overflow of offset in ip6_find_1stfragopt

net: ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()

net: tcp: fix 0 divide in __tcp_select_window()

net: tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0

ALSA: timer: Fix race among timer ioctls

ALSA: timer: Fix race at concurrent reads

ALSA: timer: Fix negative queue usage by racy accesses

ALSA: timer: fix NULL pointer dereference in read()/ioctl() race

ALSA: timer: Fix race between read and ioctl

ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT

meltdown: introduce gmb

add kernel page table isolation feature(aka KAISER)

kcpti: fix cpu hotplug crash

kcpti: ignore Xen PV guests

kcpti: map performance monitoring buffers

kcpti: align trampoline stack to 16

kcpti: free all shadow page table layers

kcpti: check present flag when removing global pte flag

kcpti: ignore AMD processors

kcpti: apply patch to Xen PV domains

N/A

N/A

spec_ctrl

spec_ctrl: print warning on {ibrs,ibpb}_enabled files creation failure

spec_ctrl: rescan cpuid when patch is loaded

N/A

keys: Fix an error code in request_master_key()

keys: Use memzero_explicit() for secret data

keys: Differentiate uses of rcu_dereference_key() and user_key_payload()

keys: fix keyctl_set_reqkey_keyring() to not leak thread keyrings

keys: Fix handling of stored error in a negatively instantiated user key

packet: fix races in fanout_add()

packet: Do not call fanout_release from atomic contexts

packet: hold bind lock when rebinding to fanout hook

packet: in packet_do_bind, test fanout with bind_lock held

assoc_array: Fix a buggy node-splitting case

keys: prevent KEYCTL_READ on negative key

x86/mm/32: Enable full randomization on i386 and X86_32

[media] xc2028: avoid use after free

firewire: net: guard against rx buffer overflows

avoid overflow in vmw_surface_define_ioctl()

bio: avoid page leaks

hugetlbfs: remove superfluous page unlock in VM_SHARED case

netfilter: nfnetlink_cthelper: Add missing permission checks

netlink: Add netns check on taps

USB: core: prevent malicious bNumInterfaces overflow

netfilter: xt_TCPMSS: add more sanity tests on tcph->doff

dm: fix race between dm_get_from_kobject() and __dm_destroy()

Bluetooth: Prevent stack info leak from the EFS element.

ACPI: sbshc: remove raw pointer from printk() message.

futex: Prevent overflow by strengthen input validation

Prevent flooding into debug port 0x80

Prevent flooding into debug port 0x80

Sanitize 'move_pages()' permission checks

dccp: fix use-after-free (CVE-2017-8824)

scsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly

provide with option to switch compat32 v4l ioctls on and off.

alsa: seq: Make ioctls race-free

xfs: enhance dinode verifier

kvm/x86: fix icebp instruction handling

perf/hwbp: Simplify the perf-hwbp code, fix documentation

x86/entry/64: Don't use IST entry for #BP stack

x86/entry/64: Don't use IST entry for #BP stack (kpatch adaptation)

netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets

ipsec: Fix aborted xfrm policy dump crash

ipsec: Fix aborted xfrm policy dump crash (kpatch adaptation)

N/A

N/A

Speculative Store Bypass mitigation

xfrm: policy: check policy direction value

tcp: avoid collapses in tcp_prune_queue() if possible

tcp: detect malicious patterns in tcp_collapse_ofo_queue()

crypto: algif_skcipher - Load TX SG list after waiting

Revert "net: increase fragment memory usage limits"

fix for use-after-free bug via crafted system calls in mm/mempolicy.c:do_get_mempolicy()

ALSA: seq: Fix racy pool initializations

introduce barrier_nospec() and array_index_nospec() (adaptation, 862.2.3.el7)

fix regression when using the last syscall on x86 (adaptation, 693.11.1.el7-kernels)

fix regression for ipv6 in latest kernels after spectre commit (adaptation)

Add disable SMT knob

Setup L1TF bug bit

Add ability to flush l1d cache on vmexit

Limit arg stack to at most 75% of _STK_LIM

get_rock_ridge_filename(): handle malformed NM entries

ALSA: pcm: prevent UAF in snd_pcm_info

timerfd: Protect the might cancel mechanism proper

timerfd: Protect the might cancel mechanism proper (kpatch adaptation)

crypto: salsa20 - fix blkcipher_walk API usage

ext4: fail ext4_iget for root directory if unallocated

posix-timer: Properly check sigevent->sigev_notify

fix possible deadlock with mutex within SCSI libsas (adaptation)

loop: fix concurrent lo_open/lo_release

sctp: verify size of a new chunk in _sctp_make_chunk()

scsi: libsas: fix memory leak

drm: udl: Properly check framebuffer mmap offsets

ext4: always verify the magic number in xattr blocks

ext4: always verify the magic number in xattr blocks

ext4: clear i_data in ext4_inode_info when removing inline data

ext4: avoid running out of journal credits when appending to an inline file

ALSA: rawmidi: Change resized buffers atomically

Fix up non-directory creation in SGID directories

net: create skb_gso_validate_mac_len()

mm/madvise.c: fix madvise() infinite loop under special circumstances

ext4: don't allow r/w mounts if metadata blocks overlap the superblock

xfs: move inode fork verifiers to xfs_dinode_verify

xfs: enhance dinode verifier

cdrom-information-leak-in-cdrom_ioctl_media_changed.patch

proc: do not access cmdline nor environ from file-backed areas

AIO: properly check iovec sizes

ext4: always check block group bounds in ext4_init_block_bitmap()

ext4: make sure bitmaps and the inode table don't overlap with bg descriptors

include/linux/mmdebug.h: add VM_WARN which maps to WARN()

include/linux/mmdebug.h: add VM_WARN_ONCE()

hugetlbfs: check for pgoff value overflow

hugetlbfs: check for pgoff value overflow

hugetlbfs: check for pgoff value overflow

include/linux/mmdebug.h: fix VM_WARN[_*]() with CONFIG_DEBUG_VM=n

mm/hugetlb.c: clean up VM_WARN usage

scsi: target: iscsi: Use hex2bin instead of a re-implementation

[fs] xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE

[fs] ext4: add more inode number paranoia checks

net/packet: fix a race in packet_bind() and packet_notifier()

net: Set sk_prot_creator when cloning sockets to the right proto

proc: restrict kernel stack dumps to root

use-after-free vulnerability in the way the Linux kernel's KVM hypervisor implements its device control API

use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled

[net] tcp: pass previous skb to tcp_shifted_skb()

[net] tcp: limit payload size of sacked skbs

[net] tcp: tcp_fragment() should apply sane memory limits

[net] tcp: add tcp_min_snd_mss sysctl

[net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

nfsd: COPY and CLONE operations require the saved filehandle to be set

ipmi_si: fix use-after-free of resource->name

sunrpc: use-after-free in svc_process_common()

sunrpc: use-after-free in svc_process_common()

CVE-2018-16884 kpatch adaptation

N/A

N/A

N/A

N/A

N/A

MDS CPU Side-channel Attacks mitigation

vhost-net: set packet weight of tx polling to 2 * vq size

vhost_net: use packet weight for rx handler, too

vhost_net: introduce vhost_exceeds_weight()

vhost_net: fix possible infinite loop

mm/mincore.c: make mincore() more conservative

l2tp: pass tunnel pointer to ->session_create()

KVM: x86: introduce linear_{read,write}_system

KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system

kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access

N/A

vhost/vsock: fix use-after-free in network stack callers

3.10.0/CVE-2018-15594.patch

Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer

Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt

vfio/type1: Limit DMA mappings per container

vfio/type1: Limit DMA mappings per container

coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping

scsi: megaraid_sas: return error when create DMA pool failed

ext4: zero out the unused memory region in the extent tree block

floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl

HID: debug: check length before copy_to_user()

alarmtimer: Prevent overflow for relative nanosleep

validate cached inodes are free when allocated in xfs

xfs: fixed incorrect xfs_da_shrink_inode call with NULL buffer

xfs: fixed possible ifp->if_broot dereference based on the XFS_DINODE_FMT_BTREE format

xfs: fix a null pointer dereference in xfs_bmap_extents_to_btree

xfs: fix error handling in xfs_bmap_extents_to_btree

cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status

iovec: make sure the caller actually wants anything in memcpy_fromiovecend

KVM: x86: work around leak of uninitialized stack contents

Mitigation of SWAPGS Spectre gadget

host: make sure log_num < in_num

mwifiex: Fix possible buffer overflows at parsing bss descriptor

mwifiex: Fix possible buffer overflows at parsing bss descriptor

ext4: never move the system.data xattr out of the inode body

x86: kvm: Do not release the page inside mmu_set_spte() (CVE-2018-12207 prerequirement)

CVE-2018-12207 prerequirement - code cleanup and simplification

x86: kvm: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (CVE-2018-12207 prerequirement)

N/A

x86: kvm: vmx,svm: always run with EFER.NXE=1 when shadow paging is active (CVE-2018-12207 prerequirement)

kvm: Convert kvm_lock to a mutex (CVE-2018-12207 prerequirement)

kvm: mmu: ITLB_MULTIHIT mitigation (adaptation)

[drm] drm/i915/gen8+: Add RC6 CTX corruption WA

[drm] drm/i915/gen8+: Add RC6 CTX corruption WA

KVM: coalesced_mmio: add bounds checking

tcp: purge write queue in tcp_connect_init()

mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings

Heap Overflow in mwifiex_process_country_ie() function of Marvell Wifi Driver

mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

cfg80211: wext: avoid copying malformed SSIDs

[fs] userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx

[wireless] rtlwifi: Fix potential overflow on P2P code

[x86] kvm: x86: do not modify masked bits of shared MSRs

[mm] mm/hugetlb.c: __get_user_pages ignores certain follow_hugetlb_page errors

[mm] mm: prevent get_user_pages() from overflowing page refcount

[usb] check usb_get_extra_descriptor for proper size

[usb] hso: Fix OOB memory access in hso_probe/hso_get_config_data

[net] bluetooth: hidp: fix buffer overflow

[bluetooth] Bluetooth: hci_uart: check for missing tty operations

[block] floppy: fix out-of-bounds read in copy_buffer

[sound] ALSA: info: Fix racy addition/deletion of nodes

[sound] ALSA: core: Fix card races between register and disconnect

[sound] ALSA: line6: Fix write on zero-sized buffer

[sound] ALSA: line6: Fix memory leak at line6_init_pcm() error path

[net] tun: call dev_get_valid_name() before register_netdevice()

[net] tun: allow positive return values on dev_get_valid_name() call

[security] KEYS: Strip trailing spaces

[security] KEYS: remove unnecessary get/put of explicit dest_keyring

[security] KEYS: add missing permission check for request_key() destination

binfmt_elf: switch to new creds when switching to new mm

[kernel] perf/core: Fix perf_event_open() vs. execve() race

[net] sysfs: Fix mem leak in netdev_register_kobject

cfg80211: add and use strongly typed element iteration macros

ieee80211: fix for_each_element_extid()

cfg80211: Use const more consistently in for_each_element macros

[net] mac80211: Do not send Layer 2 Update frame before authorization

[net] nl80211: validate beacon head

[media] cx24116: fix a buffer overflow when checking userspace params

netlabel: cope with NULL catmap

tracing: Fix possible double free on failure of allocating trace buffer

blktrace: fix dereference after null check

x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation

vfio: access to disabled MMIO space of some devices may lead to DoS scenario

vfio: access to disabled MMIO space of some devices may lead to DoS scenario

HID: hiddev: avoid opening a disconnected device

mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()

mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()

mac80211: handle deauthentication/disassociation from TDLS peer

kernel: memory corruption in Voice over IP nf_conntrack_h323 module

KVM: fix overflow of zero page refcount with ksm running

floppy: check FDC index for errors before assigning it

vgacon: Fix a UAF in vgacon_invert_region

ipv6: constify ip6_dst_lookup_{flow|tail}() sock arguments

net: ipv6: add net argument to ip6_dst_lookup_flow

net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup

net: ipv6_stub: ip6_dst_lookup_flow (adaptation)

vhost: Check docket sk_family instead of call getname

mm: mempolicy: require at least one nodeid for MPOL_PREFERRED

Input: add safety guards to input_set_keycode

Incorrect version of patch were initially used. Work on correct fix is in progress.

fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info

signal: Extend exec_id to 64bits

signal: Extend exec_id to 64bits (adaptation)

scsi: sg: add sg_remove_request in sg_write

nfs: Correct an nfs page array calculation error

selinux: properly handle multiple messages in selinux_netlink_send

mISDN: enforce CAP_NET_RAW for raw sockets

ieee802154: enforce CAP_NET_RAW for raw sockets

net: sit: fix memory leak in sit_init_net()

scsi: qla2xxx: fix a potential NULL pointer dereference

scsi: libsas: delete sas port if expander discover failed

media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap

scsi: libsas: fix a race condition when smp task timeout

fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links

fs/proc/proc_sysctl.c: Fix a NULL pointer dereference

can: peak_usb: fix slab info leak

ext4: work around deleting a file with i_nlink == 0 safely

KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)

i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA

Input: ff-memless - kill timer in destroy()

rtlwifi: prevent memory leak in rtl_usb_probe

crypto: user - fix memory leak in crypto_report

media: v4l: event: Prevent freeing event subscriptions while accessed

media: v4l: event: Prevent freeing event subscriptions while accessed (adaptation)

ext4: validate the debug_want_extra_isize mount option at parse time

ext4: forbid i_extra_isize not divisible by 4

ext4: add more paranoia checking in ext4_expand_extra_isize handling

ext4: fix support for inode sizes > 1024 bytes

USB: adutux: fix use-after-free on disconnect

usb: cdc-acm: make sure a refcount is taken early enough

USB: core: Fix races in character device registration and deregistraion

[net] sock: backport __sock_queue_rcv_skb()

[net] bluetooth: split sk_filter in l2cap_sock_recv_cb

Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel

Bluetooth: A2MP: Fix not initializing all members

net-sysfs: call dev_hold if kobject_init_and_add success

net-sysfs: Call dev_hold always in netdev_queue_add_kobject

net-sysfs: Call dev_hold always in rx_queue_add_kobject

Fix for missing check in vgacon scrollback handling

crypto: authenc - fix parsing key with misaligned rta_len

ext4: fix potential negative array index in do_split()

nfs: Fix getxattr kernel panic and memory overflow

hdlc_ppp: add range checks in ppp_cp_parse_cr()

block: Fix use-after-free in blkdev_get()

HID: Fix assumption that devices have inputs

pinctrl: Delete an error message

pinctrl: devicetree: Avoid taking direct reference to device name string

perf/core: Fix race in the perf_mmap_close() function

netfilter: ctnetlink: add a range check for l3/l4 protonum

tty/vt: fix write/write race in ioctl(KDSKBSENT) handler

tty: keyboard, do not speculate on func_table index

vt: keyboard, simplify vt_kdgkbsent

vt: keyboard, extend func_buf_lock to readers

vt: keyboard, rename i to kb_func in vt_do_kdgkb_ioctl

vt: keyboard, reorder user buffer handling in vt_do_kdgkb_ioctl

tty: Fix ->pgrp locking in tiocspgrp()

af_unix: fix struct pid memory leak

af_unix: fix struct pid memory leak (adaptation)

scsi: iscsi: Restrict sessions and handles to admin capabilities

sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (CVE-2021-27365 dependency)

scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE

scsi: iscsi: Verify lengths on passthrough PDUs

futex: Replace pointless printk in fixup_owner()

futex: Provide and use pi_state_update_owner()

futex: Handle faults correctly for PI futexes

Out of scope as the bpf/verifier is not implemented in this kernel yet

Out of scope as the bpf/verifier is not implemented in this kernel yet

vt: selection, close sel_buffer race

Mitigation is made with intel firmware update, el8 kernels also need 'i915.enable_guc' specified in cmdline to be affected

Mitigation is made with intel firmware update, el-kernels also need 'i915.enable_guc' specified in cmdline to be affected

Mitigation is made with intel firmware update, el-kernels also need 'i915.enable_guc' specified in cmdline to be affected

seq_file: Disallow extremely large seq buffer allocations

media: xirlink_cit: add missing descriptor sanity checks

cipso,calipso: resolve a number of problems with the DOI refcounts

Bluetooth: verify AMP hci_chan before amp_destroy

Bluetooth: verify AMP hci_chan before amp_destroy (kcare adaptation)

Out of scope as the patch is for powerpc arch only, x86_64 is not affected

netfilter: x_tables: fix compat match/target pad out-of-bound write

bpf, x86: Validate computation of branch displacements for x86-64

netfilter: x_tables: make xt_replace_table wait until old

netfilter: x_tables: Use correct memory barriers.

bluetooth: eliminate the potential race condition when removing the

KVM: nSVM: always intercept VMLOAD/VMSAVE when nested

Out of scope as the patch is for powerpc arch only, x86_64 is not affected

RDMA/cma: Add missing locking to rdma_accept()

RDMA/ucma: Fix the locking of ctx->file

RDMA/ucma: Fix locking for ctx->events_reported

RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy

firewire: firedtv-avc: potential buffer overflow

media: firewire: firedtv-avc: fix a buffer overflow

[media] firewire: don't break long lines

media: firewire: firedtv-avc: fix a buffer overflow

fuse: fix bad inode

HID: core: Sanitize event code and type when mapping input

do_epoll_ctl(): clean the failure exits up a bit

do_epoll_ctl(): clean the failure exits up a bit

af_unix: fix garbage collect vs MSG_PEEK

af_unix: fix garbage collect vs MSG_PEEK (adaptation)

Bluetooth: fix the erroneous flush_work() order

Bluetooth: use correct lock to prevent UAF of hdev object

Bluetooth: fix use-after-free error in lock_sock_nested()

xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like

drm/i915: Flush TLBs before releasing backing store

RDMA/cma: Do not change route.addr.src_addr.ss_family

cgroup-v1: Require capabilities to set release_agent

perf: Fix sys_perf_event_open() race against self

Not affected without certain conditions - Secure Boot, configured kgdb/kdb. Complex adaptation

x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data

net_sched: cls_route: remove from list when handle is 0

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease the stability and performance of the kernel, while vulnerability has a medium security impact and only for a certain hardware environment.

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease the stability and performance of the kernel, while vulnerability has a medium security impact and only for a certain hardware environment.

ax88179_178a: avoid copy of tx tcp packets (CVE-2022-2964 dependency)

net: usb: ax88179_178a: fix packet alignment padding

ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32

net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32

net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup

net: usb: ax88179_178a: Fix packet receiving

An introduction of required changes through KernelCare could cause unavoidable problems to applications which use unprivileged eBPF.

proc: avoid integer type confusion in get_proc_long

proc: proc_skip_spaces() shouldn't think it is working on C strings

usb: mon: make mmapped memory read only

Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu

hw: amd: Cross-Process Information Leak

netfilter: nf_tables: prevent OOB access in nft_byteorder_eval

net/sched: sch_qfq: account for stab overhead in qfq_enqueue

Complex adaptation required.

Restrict access to pagemap/kpageflags/kpagecount

vmx_vcpu_run wrapper

N/A

ALSA: seq: Fix racy pool initializations (kpatch adaptation due CVE-2018-1000004)