[bluetooth] Bluetooth: hci_uart: check for missing tty operations

[block] floppy: fix out-of-bounds read in copy_buffer

[sound] ALSA: line6: Fix write on zero-sized buffer

[sound] ALSA: line6: Fix memory leak at line6_init_pcm() error path

[fs] dcache: allow word-at-a-time name hashing with big-endian CPUs

[lib] siphash: add cryptographically secure PRF

[net] inet: switch IP ID generator to siphash

binfmt_elf: switch to new creds when switching to new mm

[kernel] perf/core: Fix perf_event_open() vs. execve() race

cfg80211: add and use strongly typed element iteration macros

ieee80211: fix for_each_element_extid()

cfg80211: Use const more consistently in for_each_element macros

[net] mac80211: Do not send Layer 2 Update frame before authorization

[net] nl80211: validate beacon head

netlabel: cope with NULL catmap

blktrace: fix dereference after null check

scsi: qedi: remove memset/memcpy to nfunc and use func instead

kernel: memory corruption in Voice over IP nf_conntrack_h323 module

vfio: access to disabled MMIO space of some devices may lead to DoS scenario

vfio: access to disabled MMIO space of some devices may lead to DoS scenario

mm: Fix mremap not considering huge pmd devmap

HID: hiddev: avoid opening a disconnected device

mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()

mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()

mac80211: drop robust management frames from unknown TA

floppy: check FDC index for errors before assigning it

mwifiex: Fix mem leak in mwifiex_tm_cmd

vgacon: Fix a UAF in vgacon_invert_region

ipv6: constify ip6_dst_lookup_{flow|tail}() sock arguments

KVM: nVMX: Don't emulate instructions in guest mode

KVM: nVMX: Refactor IO bitmap checks into helper function

KVM: nVMX: Check IO instruction VM-exit conditions

KVM: VMX: check descriptor table exits on instruction emulation

KVM: x86: clear stale x86_emulate_ctxt->intercept value

vhost: Check docket sk_family instead of call getname

Input: add safety guards to input_set_keycode

fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info

signal: Extend exec_id to 64bits

signal: Extend exec_id to 64bits (adaptation)

scsi: sg: add sg_remove_request in sg_write

nfs: Correct an nfs page array calculation error

selinux: properly handle multiple messages in selinux_netlink_send

crypto: ccp - Release all allocated memory

mISDN: enforce CAP_NET_RAW for raw sockets

ieee802154: enforce CAP_NET_RAW for raw sockets

net: sit: fix memory leak in sit_init_net()

scsi: qla2xxx: fix a potential NULL pointer dereference

fjes: Handle workqueue allocation failure.

Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()

scsi: libsas: delete sas port if expander discover failed

media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap

fs/proc/proc_sysctl.c: Fix a NULL pointer dereference

can: peak_usb: fix slab info leak

ext4: work around deleting a file with i_nlink == 0 safely

i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA

Input: ff-memless - kill timer in destroy()

iwlwifi: dbg_ini: fix memory leak in alloc_sgtable

rtlwifi: prevent memory leak in rtl_usb_probe

crypto: user - fix memory leak in crypto_report

media: v4l: event: Prevent freeing event subscriptions while accessed

media: v4l: event: Prevent freeing event subscriptions while accessed (adaptation)

ext4: validate the debug_want_extra_isize mount option at parse time

ext4: forbid i_extra_isize not divisible by 4

ext4: fix support for inode sizes > 1024 bytes

USB: adutux: fix use-after-free on disconnect

usb: cdc-acm: make sure a refcount is taken early enough

USB: core: Fix races in character device registration and deregistraion

Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel

Bluetooth: A2MP: Fix not initializing all members

net-sysfs: call dev_hold if kobject_init_and_add success

net-sysfs: Call dev_hold always in netdev_queue_add_kobject

net-sysfs: Call dev_hold always in rx_queue_add_kobject

Fix for missing check in vgacon scrollback handling

vt: selection, close sel_buffer race

bpf, x86: Validate computation of branch displacements for x86-64

netfilter: x_tables: Use correct memory barriers.

bluetooth: eliminate the potential race condition when removing the

net_sched: cls_route: remove the right filter from hashtable

perf/core: Fix a memory leak in perf_event_parse_addr_filter()

firewire: firedtv-avc: potential buffer overflow

media: firewire: firedtv-avc: fix a buffer overflow

[media] firewire: don't break long lines

media: firewire: firedtv-avc: fix a buffer overflow

fuse: fix bad inode

HID: core: Sanitize event code and type when mapping input

af_unix: fix garbage collect vs MSG_PEEK

af_unix: fix garbage collect vs MSG_PEEK (adaptation)

af_unix: fix garbage collect vs MSG_PEEK (adaptation)

Bluetooth: fix the erroneous flush_work() order

Bluetooth: use correct lock to prevent UAF of hdev object

Bluetooth: fix use-after-free error in lock_sock_nested()

xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like

drm/i915: Flush TLBs before releasing backing store

RDMA/cma: Do not change route.addr.src_addr.ss_family

fget: check that the fd still exists after getting a ref to it

fget: check that the fd still exists after getting a ref to it

Restrict access to pagemap/kpageflags/kpagecount

Initialize registers to avoid stack leak into userspace.

Bail out in case userspace uses unsupported registers.