perf: Fix sys_perf_event_open() race against self

netfilter: nf_tables: disallow non-stateful expression in sets earlier

secure_seq: use the 64 bits of the siphash for port offset

x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data

UBUNTU: SAUCE: net_sched: cls_route: remove from list when handle is 0

af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register

block-map: add __GFP_ZERO flag for alloc_page in function

Fix lock_sock() blockage by memcpy_from_msg()

net: sched: fix use-after-free in tc_new_tfilter()

fix double dev_kfree_skb() in error path

net/packet: fix slab-out-of-bounds access in packet_recvmsg()

SUNRPC: Ensure we flush any closed sockets before

[PATCH] SUNRPC: Don't leak sockets in xs_local_connect()

net/sched: cls_u32: fix netns refcount changes in u32_change()

netfilter: nf_queue: do not allow packet truncation below transport header offset

ipv4: avoid using shared IP generator for connected sockets

ipv4: tcp: send zero IPID in SYNACK messages

vt: vt_ioctl: fix race in VT_RESIZEX

media: v4l: ioctl: Fix memory leak in video_usercopy

cifs: prevent bad output lengths in smb2_ioctl_query_info()

cifs: fix NULL ptr dereference in smb2_ioctl_query_info()

udf: Fix NULL ptr deref when converting from inline format

udf: Restore i_lenAlloc when inode expansion fails

Reinstate some of "swiotlb: rework "fix info leak with

ext4: verify dir block before splitting it

ext4: make variable "count" signed

ext4: avoid cycles in directory h-tree

psi: Fix uaf issue when psi trigger is destroyed while being polled (adaptation)

ALSA: pcm: Fix races among concurrent read/write and buffer changes

ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls

ALSA: pcm: Fix races among concurrent hw_params and hw_free calls

ALSA: pcm: Fix races among concurrent prealloc proc writes

ALSA: pcm: Fix races among concurrent hw_params and hw_free calls (adaptation)

openvswitch: fix OOB access in reserve_sfa_size()

Initialize registers to avoid stack leak into userspace.

Bail out in case userspace uses unsupported registers.

KVM: x86: avoid calling x86 emulator without a decoded

netfilter: nf_tables: sanitize nft_set_desc_concat_parse()

Out of scope as the patch is aarch64 related

NFSv4: Handle case where the lookup of a directory fails

netfilter: nf_tables: do not allow SET_ID to refer to another

netfilter: nf_tables: do not allow SET_ID to refer to another

HID: elo: fix memory leak in elo_probe

lockdown: also lock down previous kgdb use

drm/i915: fix TLB invalidation for Gen12 video and compute

net: usb: ax88179_178a: Fix out-of-bounds accesses in RX

i2c: ismt: prevent memory corruption in ismt_access()

mm/mremap: hold the rmap lock in write mode when moving page table

x86/xen: Add xenpv_restore_regs_and_return_to_usermode()

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease the stability and performance of the kernel, while vulnerability has a medium security impact and only for a certain hardware environment.

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease the stability and performance of the kernel, while vulnerability has a medium security impact and only for a certain hardware environment.