FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree

jfs: fix array-index-out-of-bounds in dbAdjTree

IB/ipoib: Fix mcast list locking

i2c: i801: Fix block process call transactions

powerpc/lib: Validate size for vector operations

jfs: fix array-index-out-of-bounds in diNewExt

s390/ptrace: handle setting of fpc register correctly

KVM: s390: fix setting of fpc register

llc: call sock_orphan() at release time

KVM: arm64: vgic-its: Avoid potential UAF in LPI translation

net: prevent mss overflow in skb_segment()

ceph: fix deadlock or deadcode of misusing dget()

powerpc/mm: Fix null-pointer dereference in pgtable_cache_add

SUNRPC: Fix a suspicious RCU usage warning

net/rds: Fix UBSAN: array-index-out-of-bounds in

phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP

sched/membarrier: reduce the ability to hammer on

can: j1939: Fix UAF in j1939_sk_match_filter during

can: j1939: Fix UAF in j1939_sk_match_filter during (adaptation)

ext4: avoid online resizing failures due to oversized flex bg

ext4: avoid online resizing failures due to oversized flex bg

binder: signal epoll threads of self-work

net/smc: fix illegal rmb_desc access in SMC-D connection dump

llc: Drop support for ETH_P_TR_802_2.

llc: Drop support for ETH_P_TR_802_2 (adaptation)

llc: make llc_ui_sendmsg() more robust against bonding

tipc: Check the bearer type before calling

hwmon: (coretemp) Fix out-of-bounds memory access

blk-mq: fix IO hang from sbitmap wakeup race

netfilter: nft_ct: sanitize layer 3 and 4 protocol number in

ppp_async: limit MRU to 64K

inet: read sk->sk_family once in inet_recv_error()

nilfs2: fix potential bug in end_buffer_async_write

nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()

nilfs2: fix data corruption in dsync block recovery for small

iio: magnetometer: rm3100: add boundary check for the value

ext4: fix double-free of blocks due to wrong extents

mm/writeback: fix possible divide-by-zero in

ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()

jfs: fix slab-out-of-bounds Read in dtSearch

drm: Don't unref the same fb many times by mistake due to

wifi: brcmfmac: Fix use-after-free bug in

tomoyo: fix UAF write bug in tomoyo_write_control()

wifi: mac80211: fix potential key use-after-free

Complex adaptation required. Network services prevents update because sleeps in inet_csk_accept() function.

fs,hugetlb: fix NULL pointer dereference in

drm: bridge/panel: Cleanup connector on bridge detach

arp: Prevent overflow in arp_req_get().

afs: Increase buffer size in afs_update_volume_status()

ipv6: sr: fix possible use-after-free and null-ptr-deref

Unable to fix early initialization before enabling SMP d35652a5fc9944784f6f50a5c979518ff8dacf61

Do not support powerpc build with kasan sanitizer 4a7aee96200ad281a5cc4cf5c7a2e2a49d2b97b0

usb: cdns3: fix memory double free when handle zero packet

usb: cdns3: fixed memory use after free at

ARM: ep93xx: Add terminator to gpiod_lookup_table

gtp: fix use-after-free and null-ptr-deref in

dm-crypt: don't modify the data when using authenticated

fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via

IB/hfi1: Fix sdma.h tx->num_descs off-by-one error

l2tp: pass correct message length to ip6_append_data

gtp: fix use-after-free and null-ptr-deref in gtp_newlink()

fbdev: savage: Error out if pixclock equals zero

wifi: mac80211: fix race condition on enabling fast-xmit

fbdev: sis: Error out if pixclock equals zero

ext4: avoid allocating blocks from corrupted group in

ext4: avoid allocating blocks from corrupted group in

btrfs: dev-replace: properly validate device names

dmaengine: fsl-qdma: init irq after reg initialization

dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned

Bluetooth: Avoid potential use-after-free in hci_error_reset

usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs

wifi: nl80211: reject iftype change with mesh ID change

power: supply: bq27xxx-i2c: Do not free non existing IRQ

efi/capsule-loader: fix incorrect allocation size

rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back

Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST

ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()

netfilter: nf_tables: set dormant flag on hook register

uio_hv_generic: Fix another memory leak in error handling

IB/hfi1: Fix a memleak in init_credit_return

scsi: target: core: Add TMF to tmr_list handling

net: ip_tunnel: prevent perpetual headroom growth

netlink: Fix kernel-infoleak-after-free in

cachefiles: fix memory leak in cachefiles_add_cache()

netfilter: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

md/raid5: fix atomicity violation in raid5_cache_count

mlxsw: spectrum_acl_tcam: Fix stack corruption

net: ip_tunnel: make sure to pull inner header in

bpf: Fix stackmap overflow check on 32-bit arches

bpf: Fix hashtab overflow check on 32-bit arches

netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()

USB: core: Fix deadlock in usb_deauthorize_interface()

net/ipv6: avoid possible UAF in ip6_route_mpath_notify()

aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts

af_unix: Do not use atomic ops for unix_sk(sk)->inflight.

af_unix: Fix garbage collector racing against connect()

netfilter: Cleanup nft_net->module_list from nf_tables_exit_net()

netfilter: nf_tables: release batch on table validation from abort path

netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path

Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security

Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security

cifs: fix underflow in parse_server_interfaces()

media: xc4000: Fix atomicity violation in

ACPI: processor_idle: Fix memory leak in

The patch fixes kernel building process.

octeontx2: CVE patch is outside the scope.

Bluetooth: Fix TOCTOU in HCI debugfs implementation

netfilter: nf_tables: disallow timeout for anonymous sets

tcp: properly terminate timers for kernel sockets

[PATCH] ALSA: sh: Don't build Dreamcast AICA sound driver

[PATCH] io_uring/unix: drop usage of io_uring socket

[PATCH] io_uring/unix: drop usage of io_uring socket

[PATCH] io_uring: drop any code related to SCM_RIGHTS

[PATCH] io_uring: drop any code related to SCM_RIGHTS

[PATCH] wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()

[PATCH 1/1] wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled

[PATCH 1/1] drm/tegra: dsi: Add missing check for of_find_device_by_node

[PATCH 1/1] sysv: don't call sb_bread() with pointers_lock held

[PATCH 1/1] tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc

[PATCH 1/1] ubi: Check for too small LEB size in VTBL code

[PATCH] netfilter: nf_tables: disallow anonymous set with timeout

[PATCH] sr9800: Add check for usbnet_get_endpoints

stddef: Introduce DECLARE_FLEX_ARRAY() helper

RDMA/mlx5: Fix fortify source warning while accessing Eth segment

firmware: arm_scmi: Harden accesses to the reset domains

tty: n_gsm: fix possible out-of-bounds in gsm0_receive()

nilfs2: We cannot patch functions that sleep in kthread().

kdb: Fix buffer overflow during tab-complete

erofs: fix pcluster use-after-free on UP platforms

smb: client: fix potential OOBs in smb2_parse_contexts()

smb: client: fix use-after-free bug in cifs_debug_data_proc_show()

Live-patching will introduce network performance degradation in the best case scenario, or even some more serious issues. N/A or Low cvss3 score from NVD or vendors.

gfs2: Fix slab-use-after-free in gfs2_qd_dealloc

scsi: qla2xxx: Fix double free of fcport

ALSA: hda: intel-sdw-acpi: harden detection of controller

sh: push-switch: Reorder cleanup operations to avoid use-after-free bug

ipv6: prevent NULL dereference in ip6_output()

Bluetooth: Fix atomicity violation in {min, max}_key_size_set

i40e: Refactoring VF MAC filters counting to make more reliable

i40e: Fix MAC address setting for a VF via Host/VM

i40e: Do not allow untrusted VF to remove administratively set MAC

mmc: davinci: Don't strip remove function when driver is builtin

netns: Make get_net_ns() handle zero refcount net

net: sched: sch_multiq: fix possible OOB write in

greybus: Fix use-after-free bug in gb_interface_release due

jfs: xattr: fix buffer overflow for invalid xattr

ata: libata-core: Fix double free on error

net/dpaa2: Avoid explicit cpumask var allocation on stack

net/iucv: Avoid explicit cpumask var allocation on stack

nilfs2: fix inode number range checks

nilfs2: add missing check for inode numbers on directory

net: dsa: mv88e6xxx: Correct check for empty list

bonding: Fix out-of-bounds read in

filelock: fix potential use-after-free in posix_lock_inode

net: lantiq_etop: add blank line after declaration

net: ethernet: lantiq_etop: fix double free in detach

tcp_metrics: validate source addr length

tcp_metrics: validate source addr length kpatch

iio: chemical: bme680: Fix overflows in compensate()

drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers

ASoC: fsl-asoc-card: set priv->pdev before using it

pinctrl: fix deadlock in create_pinctrl() when handling

gpio: davinci: Validate the obtained number of IRQs

x86: stop playing stack games in profile_pc()

ALSA: emux: improve patch ioctl data validation

drm/nouveau: fix null pointer dereference in

Revert "mm/writeback: fix possible divide-by-zero in

UBSAN warning fix, release kernels aren't affected.

ima: Fix use-after-free on a dentry's dname.name

netfilter: nf_tables: restore set elements when delete set

scsi: ufs: core: Improve SCSI abort handling

scsi: pm80xx: Fix TMF task completion race condition

scsi: pm8001: Fix use-after-free for aborted TMF sas_task

drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

scsi: f2fs: check validation of fault attrs in f2fs_build_fault_attr()

mISDN: Fix memory leak in dsp_pipeline_build()

watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger

mm: swap: fix race between free_swap_and_cache() and swapoff()

netem: fix return value if duplicate enqueue fails

netfilter: nf_tables: use timestamp to check for set element timeout

netfilter: nf_tables: use timestamp to check for set element timeout kpatch

media: venus: fix use after free in vdec_close

bna: adjust 'name' buf size of bna_tcb and bna_ccb structures

jfs: Fix array-index-out-of-bounds in diFree

ipv6: prevent UAF in ip6_send_skb()

atm: idt77252: prevent use after free in dequeue_rx()

Architecture is not supported

scsi: aacraid: Fix double-free on probe failure

VMCI: Fix use-after-free when removing resource in vmci_resource_remove()

parport: Standardize use of printmode

dev/parport: fix the array out-of-bounds risk

binder: fix UAF caused by offsets overwrite

cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations

netfilter: nft_limit: reject configurations that cause integer overflow

ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()

filelock: Remove locks reliably when fcntl/close race is detected

media: pci: cx23885: check cx23885_vdev_init() return

wifi: iwlwifi: mvm: Fix a memory corruption issue

Kernel versions older than 5.4.0-200.220 not affected

misc: eeprom: at24: fix regulator underflow

misc: eeprom: at24: register nvmem only after eeprom is ready

eeprom: at24: fix memory corruption race condition

media: i2c: et8ek8: Don't strip remove function when driver is builtin

ax25: Fix reference count leak issues of ax25_dev

wifi: iwlwifi: mvm: check n_ssids before accessing the ssids

ocfs2: add bounds checking to ocfs2_check_dir_entry()

jfs: don’t walk off the end of ealist

filelock: Fix fcntl/close race recovery compat path

drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()

Bluetooth: hci_core: cancel all works upon hci_unregister_dev()

drm/vmwgfx: Fix shader stage validation

hfsplus: fix uninit-value in copy_name

tap: add missing verification for short frame

tun: add missing verification for short frame

gtp: pull network headers in gtp_dev_xmit()

drm/amdgpu: fix mc_data out-of-bounds read warning

drm/amdgpu: fix ucode out-of-bounds read warning

of/irq: Prevent device address out-of-bounds read in interrupt map walk

HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup

exec: Fix ToCToU between perm check and set-uid/gid usage

net/sched: flower: Fix chain template offload

net/sched: flower: Fix chain template offload

Squashfs: sanity check symbolic link size

hwmon: (w83627ehf) Fix underflows seen when writing limit attributes

hwmon: (nct6775-core) Fix underflows seen when writing limit attributes

hwmon: (lm95234) Fix underflows seen when writing limit attributes

hwmon: (adc128d818) Fix underflows seen when writing limit attributes

ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object

sch/netem: fix use after free in netem_dequeue

drm/amd/display: Check gpio_id before used as array index

Architecture um is not supported

ila: call nf_unregister_net_hooks() sooner

bpf: Fix DEVMAP_HASH overflow check on 32-bit arches

tipc: Return non-zero value from tipc_udp_addr2str() on error

mISDN: Fix a use after free in hfcmulti_tx()

net/iucv: fix use after free in iucv_sock_close()

drm/amdkfd: don't allow mapping the MMIO HDP page with large pages

wifi: mac80211: Avoid address calculations via out of bounds array indexing

nvme: avoid double free special payload

smack: tcp: ipv4, fix incorrect labeling

CVE patch is for powerpc arch only

netfilter: nf_tables: prefer nft_chain_validate

KVM: x86/mmu: make apf token non-zero to fix bug

net: bridge: xmit: make sure we have at least eth header len bytes

f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC

drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number

fou: remove warn in gue_gro_receive on unsupported protocol

RDMA/rxe: Return CQE error if invalid lkey was supplied

i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc

CDC-NCM: avoid overflow in sanity checking

erofs: fix lz4 inplace decompression

s390 architecture is not supported

ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses

Affects only __init function for a built-in component, so patching will have no effect

Out of scope: s390 is not supported

KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue

drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()

bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()

ext4: no need to continue when the number of entries is 1

net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT

vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

Bluetooth: SCO: Fix not validating setsockopt user input

Bluetooth: RFCOMM: Fix not validating setsockopt user input

Bluetooth: L2CAP: Fix not validating setsockopt user input

Bluetooth: hci_sock: Fix not validating setsockopt user input

Not patching the function that can remain on the stack for a while (i.e. if the socket is not non-blocking AND no signal is delivered)

scsi: lpfc: Move NPIV's transport unregistration to after resource clean up

drm/panel: fix a possible null pointer dereference

eth: sungem: remove .ndo_poll_controller to avoid deadlocks

Patches a network driver available only for Motorola ColdFire and Freescale i.MX platforms that are not among the platforms our clients are using

memcg: protect concurrent access to mem_cgroup_idr

drm/vmwgfx: Fix possible null pointer derefence with invalid contexts

The patched function (asix_check_host_enable) does not exist for Ubuntu Focal's kernel (only for HWE)

xprtrdma: Fix cwnd update ordering

hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

netfilter: ipset: add missing range check in bitmap_ip_uadt

io_uring: remove extra check in __io_commit_cqring

io_uring: dont kill fasync under completion_lock

io_uring: ensure IOPOLL locks around deferred work

Out of scope, i.MX SoC is not supported

net: sched: fix ordering of qlen adjustment

firmware_loader: Block path traversal

ext4: fix double brelse() the buffer of the extents path

ext4: aovid use-after-free in ext4_ext_insert_extent()

drm/amd/display: Fix index out of bounds in degamma hardware format translation

fbdev: pxafb: Fix possible use after free in pxafb_task()

ocfs2: cancel dqi_sync_work before freeing oinfo

aoe: fix the potential use-after-free problem in more places

tipc: guard against string buffer overrun

ALSA: asihpi: Fix potential OOB array access

parport: Proper fix for array out-of-bounds access

net: sched: fix use-after-free in taprio_change()

tracing: Consider the NULL character when validating the event length

udf: fix uninit-value use in udf_get_fileshortad

smb: client: fix OOBs when building SMB2_IOCTL request

fbdev: sisfb: Fix strbuf array overflow

nilfs2: fix kernel bug due to missing clearing of checked flag

bpf: Fix out-of-bounds write in trie_get_next_key()

USB: serial: io_edgeport: fix use after free in debug printk

usb: musb: sunxi: Fix accessing an released usb phy

netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()

ASoC: meson: axg-card: fix 'use-after-free'

spi: nxp-fspi: fix the KASAN report out-of-bounds bug

ocfs2: add bounds checking to ocfs2_xattr_find_entry()

drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error

drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error

ext4: return error on ext4_find_inline_entry

ext4: avoid OOB when system.data xattr changes underneath the filesystem

Postponed: complex analysis and adaptation required

wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()

Kernel is not affected

drm/amd/pm: fix the Out-of-bounds read warning

net: dpaa: Pad packets to ETH_ZLEN

netfilter: complete validation of user input for expected length

media: s5p-jpeg: prevent buffer overflows

nilfs2: fix potential oob read in nilfs_btree_check_delete()

net: ethernet: lantiq_etop: fix memory disclosure

jfs: fix out-of-bounds in dbNextAG() and diAlloc()

security/keys: fix slab-out-of-bounds in key_task_permission

net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition

jfs: Fix uaf in dbFreeBits

jfs: Fix uninit-value access of new_ea in ea_buffer

media: venus: fix use after free bug in venus_remove due to race condition

ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition

ppp: fix ppp_async_encode() illegal access

slip: make slhc_remember() more robust against malicious packets

wifi: iwlegacy: Clear stale interrupts before resuming device

dm cache: fix out-of-bounds access to the dirty bitset when resizing

dm cache: optimize dirty bit checking with find_next_bit when resizing

dm cache: fix potential out-of-bounds access on the first resume

RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency

RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency

ax25: fix use-after-free bugs caused by ax25_ds_del_timer

ocfs2: fix uninitialized value in ocfs2_file_read_iter()

netfilter: x_tables: fix LED ID check in led_tg_check()

iio: pressure: zpa2326: fix information leak in triggered buffer

iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer

iio: light: vcnl4035: fix information leak in triggered buffer

iio: imu: kmx61: fix information leak in triggered buffer

iio: adc: ti-ads8688: fix information leak in triggered buffer

ALSA: 6fire: Release resources at card release

ALSA: 6fire: Release resources at card release

media: xc2028: avoid use-after-free in load_firmware_cb()

net/xen-netback: prevent UAF in xenvif_flush_hash()

cifs: Fix buffer overflow when parsing NFS reparse points

spi: mpc52xx: Add cancel_work_sync before module remove

Patch affects initramfs

wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()

Out of scope: SuperH architecture isn't supported for current kernel

ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit

af_packet: avoid erroring out after sock_init_data() in packet_create()

Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()

Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc

net: af_can: do not leave a dangling sk pointer in can_create()

net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()

net: inet: do not leave a dangling sk pointer in inet_create()

net: inet6: do not leave a dangling sk pointer in inet6_create()

jfs: array-index-out-of-bounds fix in dtReadFirst

bpf: fix OOB devmap writes when deleting elements

xsk: fix OOB map writes when deleting elements

nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()

EDAC/bluefield: Fix potential integer overflow

firmware: arm_scpi: Check the DVFS OPP count returned by the firmware

vfio/pci: Properly hide first-in-list PCIe extended capability

ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

ALSA: usb-audio: Fix a DMA to stack memory bug

comedi: Flush partial mappings in error case

Out of scope: User-mode Linux isn't supported

Out of scope: User-mode Linux isn't supported for current kernel

Out of scope: User-mode Linux isn't supported for current kernel

ubi: fastmap: Fix duplicate slab cache names while attaching

xen: Fix the issue of resource not being properly released in xenbus_dev_probe()

ocfs2: uncache inode which has failed entering the group

KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN

KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN

Out of scope: SuperH arch not supported.

bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again

i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock

ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()

[PATCH] jfs: Fix shift-out-of-bounds in dbDiscardAG

ext4: fix slab-use-after-free in ext4_split_extent_at()

[PATCH] igb: Fix potential invalid memory access in igb_init_module()

Out of scope: not affected

hrtimers: Handle CPU state correctly on hotplug

hrtimers: Handle CPU state correctly on hotplug

net/mlx5: fs, lock FTE when checking if active

nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint

NFSD: Prevent a potential integer overflow

um: Fix potential integer overflow during physmem setup

net: fix data-races around sk->sk_forward_alloc

nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint

hfsplus: don't query the device logical block size multiple times

hfsplus: don't query the device logical block size multiple times

[PATCH] netlink: terminate outstanding dump on socket close

[PATCH] netlink: terminate outstanding dump on socket close

9p/xen: fix release of IRQ

jffs2: Prevent rtime decompress memory corruption

ALSA: usb-audio: Fix out of bounds reads when finding clock sources

ila: serialize calls to nf_register_net_hooks()

scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()

ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv

scsi: sg: Fix slab-use-after-free read in sg_release()

vfio/platform: check the bounds of read/write syscalls

smb: client: fix potential UAF in cifs_debug_files_proc_show()

smb: client: fix potential UAF in smb2_is_valid_lease_break()

net: defer final 'struct net' free in netns dismantle

net: defer final 'struct net' free in netns dismantle

kpatch add alt asm definitions

kpatch add paravirt asm definitions

media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format