Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb

net/sched: cls_route: No longer copy tcf_result on update to avoid

net/sched: cls_fw: No longer copy tcf_result on update to avoid

net/sched: cls_u32: No longer copy tcf_result on update to avoid

x86/CPU/AMD: Do not leak quotient data after a division by 0

net: tap_open(): set sk_uid from current_fsuid()

net: tun_chr_open(): set sk_uid from current_fsuid()

This is a low priority CVE & the patch impacts many critical components of the networking subsystem & it requires multiple complex adaptations in those components to avoid losing existing connections on patch/unpatch.

The patch remove functionality.

[PATCH] nfc: llcp: simplify llcp_sock_connect() error paths

[PATCH] net: nfc: Fix use-after-free caused by nfc_llcp_find_local

gfs2: Don't deref jdesc in evict

bpf: Fix toctou on read-only map's constant scalar tracking

bpf: Fix toctou on read-only map's constant scalar tracking

af_unix: Fix null-ptr-deref in unix_stream_sendpage().

net/sched: sch_hfsc: Ensure inner classes have fsc curve

net: sched: sch_qfq: Fix UAF in qfq_dequeue()

net: sched: sch_qfq: Fix UAF in qfq_dequeue() (adaptation)

netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for

igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU

CVE was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.

The patch removes functionality.

netfilter: ipset: Add schedule point in call_ad().

netfilter: ipset: Fix race between IPSET_CMD_CREATE and

xen/netback: Fix buffer overrun triggered by unusual packet

Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in

media: usb: siano: Fix warning due to null work_func_t function

Medium severity vulnerability CVE requiring extremely complex adaptation (if at all possible)

xfrm: add NULL check in xfrm_update_ae_params

ubi: Refuse attaching if mtd's erasesize is 0

igb: set max size RX buffer when store bad packet is enabled

igb: set max size RX buffer when store bad packet is enabled (adaptation)

net/tls: do not free tls_rec on async operation in

netfilter: nfnetlink_osf: avoid OOB read

netfilter: xt_sctp: validate the flag_info count

netfilter: xt_u32: validate user space input

netfilter: xt_u32: validate user space input (adaptation)

perf: Disallow mis-matched inherited group reads

perf: Disallow mis-matched inherited group reads

nvmet-tcp: move send/recv error handling in the send/recv methods instead of call-sites

nvmet-tcp: Fix a possible UAF in queue intialization setup

ipv4: fix null-deref in ipv4_link_failure

net: xfrm: Fix xfrm_address_filter OOB read

Complex adaptation required.

USB: hub: Clean up use of port initialization schemes and retries

USB: hub: Add Kconfig option to reduce number of port initialization retries

USB: core: Unite old scheme and new scheme descriptor reads

usb: hub: Check device descriptor before resusciation

USB: core: Change usb_get_device_descriptor() API

USB: core: Fix race by not overwriting udev->descriptor in hub_port_init()

netfilter: nf_tables: Reject tables of unsupported family

smb: client: fix OOB in smbCalcSize()

perf: Fix perf_event_validate_size()

perf: Fix perf_event_validate_size() lockdep splat

ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet

ravb: Fix use-after-free issue in ravb_tx_timeout_work()

nfc: nci: fix possible NULL pointer dereference in send_acknowledge()

kobject: Fix slab-out-of-bounds in fill_kobj_path()

xen/events: replace evtchn_rwlock with RCU

net: tls, update curr on splice as well

smb: client: fix OOB in receive_encrypted_standard()

ida: Fix crash in ida_free when the bitmap is empty

appletalk: Fix Use-After-Free in atalk_ioctl

usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core

Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg

f2fs: fix to do sanity check on inode type during garbage collection

An introduction of required changes through KernelCare could cause unavoidable problems to applications which use netfilter functionality.

nvmet: nul-terminate the NQNs passed in the connect command

net/rose: Fix Use-After-Free in rose_ioctl

atm: Fix Use-After-Free in do_vcc_ioctl

vhost: use kzalloc() instead of kmalloc() followed by memset()

netfilter: nf_tables: reject QUEUE/DROP verdict parameters

phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function

malidp: Fix NULL vs IS_ERR() checking

scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan()

kpatch add alt asm definitions

kpatch add paravirt asm definitions