Red Hat Security Advisory: kernel security, bug fix, and enhancement update

CVE-2021-47515 — kernel: seg6: fix the iif in the IPv6 socket control block CVE-2022-3523 — Kernel: race when faulting a device private page in memory manager CVE-2022-3565 — kernel: use-after-free in l1oip timer handlers CVE-2022-3594 — kernel: Rate limit overflow messages in r8152 in intr_callback CVE-2022-38457 — kernel: vmwgfx: use-after-free in vmw_cmd_res_check CVE-2022-40133 — kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context CVE-2022-40982 — hw: Intel: Gather Data Sampling (GDS) side channel vulnerability CVE-2022-42895 — kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c CVE-2022-48950 — kernel: perf: Fix perf_pending_task() UaF CVE-2022-48975 — kernel: gpiolib: fix memory leak in gpiochip_setup_dev() CVE-2022-48988 — kernel: memcg: fix possible use-after-free in memcg_write_event_control() CVE-2022-48991 — kernel: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths CVE-2022-48997 — kernel: char: tpm: Protect tpm_pm_suspend with locks CVE-2022-49028 — kernel: ixgbevf: Fix resource leak in ixgbevf_init_module() CVE-2022-49220 — kernel: dax: make sure inodes are flushed before destroy cache CVE-2022-49256 — kernel: watch_queue: Actually free the watch CVE-2022-49257 — kernel: watch_queue: Fix NULL dereference in error cleanup CVE-2022-49273 — kernel: rtc: pl031: fix rtc features null pointer dereference CVE-2022-49287 — kernel: tpm: fix reference counting for struct tpm_chip CVE-2022-49316 — kernel: NFSv4: Don't hold the layoutget locks across multiple RPC calls CVE-2022-49321 — kernel: xprtrdma: treat all calls not a bcall when bc_serv is NULL CVE-2022-49339 — kernel: net: ipv6: unexport __init-annotated seg6_hmac_init() CVE-2022-49344 — kernel: af_unix: Fix a data-race in unix_dgram_peer_wake_me(). CVE-2022-49466 — kernel: regulator: scmi: Fix refcount leak in scmi_regulator_probe CVE-2022-49567 — kernel: mm/mempolicy: fix uninit-value in mpol_rebind_policy() CVE-2022-49653 — kernel: i2c: piix4: Fix a memory leak in the EFCH MMIO support CVE-2022-49687 — kernel: virtio_net: fix xdp_rxq_info bug after suspend/resume CVE-2022-49699 — kernel: filemap: Handle sibling entries in filemap_get_read_batch() CVE-2022-49715 — kernel: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions CVE-2022-49716 — kernel: irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions CVE-2022-49731 — kernel: ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() CVE-2022-49746 — kernel: dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init CVE-2022-49748 — kernel: perf/x86/amd: fix potential integer overflow on shift of a int CVE-2022-49750 — kernel: cpufreq: CPPC: Add u64 casts to avoid overflowing CVE-2022-49752 — kernel: device property: fix of node refcount leak in fwnode_graph_get_next_endpoint() CVE-2022-49759 — kernel: VMCI: Use threaded irqs instead of tasklets CVE-2022-49760 — kernel: mm/hugetlb: fix PTE marker handling in hugetlb_change_protection() CVE-2022-49773 — kernel: drm/amd/display: Fix optc2_configure warning on dcn314 CVE-2022-49774 — kernel: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign() CVE-2022-49795 — kernel: rethook: fix a potential memleak in rethook_alloc() CVE-2022-49811 — kernel: drbd: use after free in drbd_create_device() CVE-2022-49827 — kernel: drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() CVE-2022-49837 — kernel: bpf: Fix memory leaks in __check_func_call CVE-2022-49839 — kernel: scsi: scsi_transport_sas: Fix error handling in sas_phy_add() CVE-2022-49855 — kernel: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg CVE-2022-49864 — kernel: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() CVE-2022-49873 — kernel: bpf: Fix wrong reg type conversion in release_reference() CVE-2022-49875 — kernel: bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE CVE-2022-49878 — kernel: bpf, verifier: Fix memory leak in array reallocation for stack state CVE-2022-49882 — kernel: KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache CVE-2022-49885 — kernel: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() CVE-2022-49938 — kernel: cifs: fix small mempool leak in SMB2_negotiate() CVE-2022-50004 — kernel: xfrm: policy: fix metadata dst->dev xmit null pointer dereference CVE-2022-50005 — kernel: nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout CVE-2022-50042 — kernel: net: genl: fix error path memory leak in policy dumping CVE-2022-50064 — kernel: virtio-blk: Avoid use-after-free on suspend/resume CVE-2022-50066 — kernel: net: atlantic: fix aq_vec index out of range error CVE-2022-50072 — kernel: NFSv4/pnfs: Fix a use-after-free bug in open CVE-2022-50076 — kernel: cifs: Fix memory leak on the deferred close CVE-2022-50087 — kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails CVE-2022-50091 — kernel: locking/csd_lock: Change csdlock_debug from early_param to __setup CVE-2022-50107 — kernel: cifs: Fix memory leak when using fscache CVE-2022-50110 — kernel: watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource CVE-2022-50117 — kernel: vfio: Split migration ops from main device ops CVE-2022-50127 — kernel: RDMA/rxe: Fix error unwind in rxe_create_qp() CVE-2022-50135 — kernel: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup CVE-2022-50191 — kernel: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() CVE-2022-50200 — kernel: selinux: Add boundary check in put_entry() CVE-2022-50201 — kernel: selinux: fix memleak in security_read_state_kernel() CVE-2022-50234 — kernel: Linux kernel: Denial of Service due to improper io_uring/af_unix file cleanup CVE-2022-50239 — kernel: cpufreq: qcom: fix writes in read-only memory region CVE-2022-50246 — kernel: usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() CVE-2022-50247 — kernel: usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq CVE-2022-50249 — kernel: memory: of: Fix refcount leak bug in of_get_ddr_timings() CVE-2022-50250 — kernel: regulator: core: fix use_count leakage when handling boot-on CVE-2022-50258 — kernel: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() CVE-2022-50269 — kernel: drm/vkms: Fix memory leak in vkms_init() CVE-2022-50272 — kernel: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() CVE-2022-50275 — kernel: drm/radeon: Add the missed acpi_put_table() to fix memory leak CVE-2022-50276 — kernel: power: supply: fix null pointer dereferencing in power_supply_get_battery_info CVE-2022-50279 — kernel: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() CVE-2022-50287 — kernel: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs CVE-2022-50290 — kernel: wifi: mac80211: fix memory leak in ieee80211_if_add() CVE-2022-50295 — kernel: io_uring/msg_ring: Fix NULL pointer dereference in io_msg_send_fd() CVE-2022-50297 — kernel: wifi: ath9k: verify the expected usb_endpoints are present CVE-2022-50303 — kernel: drm/amdkfd: Fix double release compute pasid CVE-2022-50317 — kernel: drm/bridge: megachips: Fix a null pointer dereference bug CVE-2022-50318 — kernel: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() CVE-2022-50322 — kernel: Linux kernel: Denial of Service due to function prototype mismatch CVE-2022-50327 — kernel: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value CVE-2022-50329 — kernel: Linux kernel: Denial of Service due to use-after-free in BFQ scheduler CVE-2022-50341 — kernel: cifs: fix oops during encryption CVE-2022-50342 — kernel: floppy: Fix memory leak in do_floppy_init() CVE-2022-50351 — kernel: Kernel: Denial of Service in CIFS due to xid leak CVE-2022-50354 — kernel: Linux kernel: NULL pointer dereference in drm/amdkfd leads to Denial of Service CVE-2022-50356 — kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails CVE-2022-50357 — kernel: usb: dwc3: core: fix some leaks in probe CVE-2022-50361 — kernel: wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init() CVE-2022-50369 — kernel: drm/vkms: Fix null-ptr-deref in vkms_release() CVE-2022-50372 — kernel: cifs: Fix memory leak when build ntlmssp negotiate blob failed CVE-2022-50389 — kernel: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak CVE-2022-50390 — kernel: Linux kernel: Denial of Service and information disclosure via undefined bit shift in drm/ttm CVE-2022-50391 — kernel: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call CVE-2022-50393 — kernel: drm/amdgpu: SDMA update use unlocked iterator CVE-2022-50406 — kernel: iomap: iomap: fix memory corruption when recording errors during writeback CVE-2022-50412 — kernel: drm: bridge: adv7511: unregister cec i2c device after cec adapter CVE-2022-50416 — kernel: irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init() CVE-2022-50423 — kernel: Linux kernel: Information disclosure and denial of service via use-after-free in ACPI subsystem CVE-2022-50426 — kernel: remoteproc: imx_dsp_rproc: Add mutex protection for workqueue CVE-2022-50429 — kernel: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() CVE-2022-50440 — kernel: Linux kernel: Denial of Service in vmwgfx due to invalid DMA surface copies CVE-2022-50444 — kernel: clk: tegra20: Fix refcount leak in tegra20_clock_init CVE-2022-50453 — kernel: gpiolib: cdev: fix NULL-pointer dereferences CVE-2022-50458 — kernel: clk: tegra: Fix refcount leak in tegra210_clock_init CVE-2022-50460 — kernel: kernel: Denial of Service due to xid leak in cifs_flock() CVE-2022-50464 — kernel: mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2() CVE-2022-50470 — kernel: xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50472 — kernel: IB/mad: Don't call to function that might sleep while in atomic context CVE-2022-50473 — kernel: cpufreq: Init completion before kobject_init_and_add() CVE-2022-50475 — kernel: RDMA/core: Make sure "ib_port" is valid when access sysfs node CVE-2022-50477 — kernel: rtc: class: Fix potential memleak in devm_rtc_allocate_device() CVE-2022-50479 — kernel: drm/amd: fix potential memory leak CVE-2022-50482 — kernel: iommu/vt-d: Clean up si_domain in the init_dmars() error path CVE-2022-50488 — kernel: block, bfq: fix possible uaf for 'bfqq->bic' CVE-2022-50489 — kernel: drm/mipi-dsi: Detach devices when removing the host CVE-2022-50494 — kernel: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash CVE-2022-50505 — kernel: iommu/amd: Fix pci device refcount leak in ppr_notifier() CVE-2022-50510 — kernel: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init() CVE-2022-50515 — kernel: drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue() CVE-2022-50520 — kernel: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() CVE-2022-50527 — kernel: drm/amdgpu: Fix size validation for non-exclusive domains (v4) CVE-2022-50528 — kernel: drm/amdkfd: Fix memory leakage CVE-2022-50532 — kernel: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() CVE-2022-50535 — kernel: drm/amd/display: Fix potential null-deref in dm_resume CVE-2022-50536 — kernel: bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data CVE-2022-50540 — kernel: dmaengine: qcom-adm: fix wrong sizeof config in slave_config CVE-2022-50543 — kernel: RDMA/rxe: Fix mr->map double free CVE-2022-50544 — kernel: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() CVE-2022-50550 — kernel: blk-iolatency: Fix memory leak on add_disk() failures CVE-2022-50556 — kernel: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() CVE-2022-50558 — kernel: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode CVE-2022-50562 — kernel: tpm: acpi: Call acpi_put_table() to fix memory leak CVE-2022-50578 — kernel: Linux kernel: Memory leak in __class_register() CVE-2022-50582 — kernel: regulator: core: Prevent integer underflow CVE-2022-50616 — kernel: regulator: core: Use different devices for resource allocation and DT lookup CVE-2022-50617 — kernel: drm/amdgpu/powerplay/psm: Fix memory leak in power state init CVE-2022-50619 — kernel: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() CVE-2022-50626 — kernel: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() CVE-2022-50627 — kernel: wifi: ath11k: fix monitor mode bringup crash CVE-2022-50628 — kernel: drm/gud: Fix UBSAN warning CVE-2022-50630 — kernel: mm: hugetlb: fix UAF in hugetlb_handle_userfault CVE-2022-50632 — kernel: Linux kernel: Local denial of service in marvell_cn10k perf driver CVE-2022-50633 — kernel: usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init CVE-2022-50636 — kernel: PCI: Fix pci_device_is_present() for VFs by checking PF CVE-2022-50639 — kernel: io-wq: Fix memory leak in worker creation CVE-2022-50643 — kernel: cifs: Fix xid leak in cifs_copy_file_range() CVE-2022-50645 — kernel: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() CVE-2022-50650 — kernel: bpf: Fix reference state management for synchronous callbacks CVE-2022-50658 — kernel: cpufreq: qcom: fix memory leak in error path CVE-2022-50667 — kernel: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() CVE-2022-50671 — kernel: RDMA/rxe: Fix "kernel NULL pointer dereference" error CVE-2022-50675 — kernel: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored CVE-2022-50677 — kernel: ipmi: fix use after free in _ipmi_destroy_user() CVE-2022-50699 — kernel: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() CVE-2022-50700 — kernel: wifi: ath10k: Delay the unmapping of the buffer CVE-2022-50701 — kernel: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host CVE-2022-50704 — kernel: USB: gadget: Fix use-after-free during usb config switch CVE-2022-50705 — kernel: io_uring/rw: defer fsnotify calls to task context CVE-2022-50710 — kernel: Linux kernel: Denial of Service in ice driver via uninitialized transmit rings CVE-2022-50712 — kernel: devlink: hold region lock when flushing snapshots CVE-2022-50718 — kernel: Linux kernel: Denial of Service due to PCI device reference count leak CVE-2022-50721 — kernel: dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg CVE-2022-50724 — kernel: Linux kernel: Resource leak in regulator_register can cause system unavailability CVE-2022-50728 — kernel: Linux kernel: Denial of Service in s390/lcs network driver due to incompatible function pointer type CVE-2022-50733 — kernel: usb: idmouse: fix an uninit-value in idmouse_open CVE-2022-50735 — kernel: wifi: mt76: do not run mt76u_status_worker if the device is not running CVE-2022-50740 — kernel: Linux kernel: Denial of Service in ath9k Wi-Fi driver due to URB memory leak CVE-2022-50750 — kernel: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure CVE-2022-50756 — kernel: nvme-pci: fix mempool alloc size CVE-2022-50760 — kernel: Linux kernel: Resource exhaustion in amdgpu due to PCI device reference count leak CVE-2022-50771 — kernel: rcu: Fix _this_cpu_read() lockdep warning in rcu_force_quiescent_state() CVE-2022-50772 — kernel: Linux kernel: Denial of Service due to memory leak in netdevsim CVE-2022-50781 — kernel: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() CVE-2022-50784 — kernel: wifi: fix potential NULL-ptr deref after clone CVE-2022-50809 — kernel: Linux kernel xHCI DbC: Denial of Service via memory leak CVE-2022-50817 — kernel: net: hsr: avoid possible NULL deref in skb_clone() CVE-2022-50819 — kernel: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails CVE-2022-50820 — kernel: perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init() CVE-2022-50822 — kernel: Linux kernel: Memory leak in RDMA restrack leads to Denial of Service CVE-2022-50823 — kernel: clk: tegra: Fix refcount leak in tegra114_clock_init CVE-2022-50824 — kernel: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak CVE-2022-50825 — kernel: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe() CVE-2022-50829 — kernel: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() CVE-2022-50832 — kernel: Linux kernel: Memory leak in wilc1000 Wi-Fi driver causes Denial of Service CVE-2022-50842 — kernel: drm/virtio: Check whether transferred 2D BO is shmem CVE-2022-50844 — kernel: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback CVE-2022-50847 — kernel: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe CVE-2022-50856 — kernel: cifs: Fix xid leak in cifs_ses_add_channel() CVE-2022-50862 — kernel: bpf: prevent decl_tag from being referenced in func_proto CVE-2022-50865 — kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() CVE-2022-50878 — kernel: Linux kernel: Denial of service in lontium-lt9611 GPU driver due to NULL pointer dereference CVE-2022-50881 — kernel: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() CVE-2022-50882 — kernel: media: uvcvideo: Fix memory leak in uvc_gpio_parse CVE-2022-50883 — kernel: bpf: Prevent decl_tag from being referenced in func_proto arg CVE-2022-50885 — kernel: Linux kernel: Denial of Service in RDMA/rxe due to null-pointer dereference CVE-2023-0597 — kernel: x86/mm: Randomize per-cpu entry area CVE-2023-1073 — kernel: HID: check empty report_list in hid_validate_values() CVE-2023-1074 — kernel: sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075 — kernel: net/tls: tls_is_tx_ready() checked list_entry CVE-2023-1076 — kernel: tap: tap_open(): correctly initialize socket uid CVE-2023-1077 — kernel: Type confusion in pick_next_rt_entity() CVE-2023-1079 — kernel: hid: Use After Free in asus_remove() CVE-2023-1206 — kernel: hash collisions in the IPv6 connection lookup table CVE-2023-1249 — kernel: missing mmap_lock in file_files_note that could possibly lead to a use after free in the coredump code CVE-2023-1252 — kernel: ovl: fix use after free in struct ovl_aio_req CVE-2023-1380 — Kernel: a USB-accessible slab-out-of-bounds read in brcmfmac CVE-2023-1652 — Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c CVE-2023-1838 — kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() CVE-2023-1855 — kernel: use-after-free bug in remove function xgene_hwmon_remove CVE-2023-1989 — kernel: Use after free bug in btsdio_remove due to race condition CVE-2023-2156 — kernel: net: IPv6 RPL protocol reachable assertion leads to DoS CVE-2023-2269 — kernel: A possible deadlock in dm_get_inactive_table in dm- ioctl.c leads to dos CVE-2023-3141 — kernel: Use after free bug in r592_remove CVE-2023-3161 — kernel: fbcon: shift-out-of-bounds in fbcon_set_font() CVE-2023-3212 — kernel: gfs2: NULL pointer dereference in gfs2_evict_inode() CVE-2023-3268 — kernel: out-of-bounds access in relay_file_read CVE-2023-3358 — kernel: NULL pointer dereference due to missing kalloc() return value check in shtp_cl_get_dma_send_buf() CVE-2023-3609 — kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails CVE-2023-3640 — Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when prefetchnta and prefetcht2 instructions being used for the per-cpu entry area mapping to the user space CVE-2023-3772 — kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params() CVE-2023-3773 — kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr CVE-2023-4155 — kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability CVE-2023-4194 — kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid CVE-2023-4206 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4207 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4208 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4273 — kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry CVE-2023-26545 — kernel: mpls: double free on sysctl allocation failure CVE-2023-30456 — kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 CVE-2023-33203 — kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove() CVE-2023-33951 — kernel: vmwgfx: race condition leading to information disclosure vulnerability CVE-2023-33952 — kernel: vmwgfx: double free within the handling of vmw_buffer_object objects CVE-2023-35825 — kernel: r592: race condition leading to use-after-free in r592_remove() CVE-2023-39191 — kernel: eBPF: insufficient stack type checks in dynptr CVE-2023-52707 — kernel: sched/psi: Fix use-after-free in ep_remove_wait_queue() CVE-2023-52734 — kernel: net: sched: sch: Bounds check priority CVE-2023-52735 — kernel: bpf, sockmap: Don't let sock_map{close,destroy,unhash} call itself CVE-2023-52928 — kernel: bpf: Skip invalid kfunc call in backtrack_insn CVE-2023-52931 — kernel: drm/i915: Avoid potential vm use-after-free CVE-2023-52937 — kernel: HV: hv_balloon: fix memory leak with using debugfs_lookup() CVE-2023-52938 — kernel: usb: typec: ucsi: Don't attempt to resume the ports before they exist CVE-2023-52977 — kernel: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new CVE-2023-52981 — kernel: drm/i915: Fix request ref counting during error capture & debugfs dump CVE-2023-52986 — kernel: bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener CVE-2023-52988 — kernel: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() CVE-2023-52991 — kernel: net: fix NULL pointer in skb_segment_list CVE-2023-52992 — kernel: bpf: Skip task with pid=1 in send_signal_common() CVE-2023-52993 — kernel: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL CVE-2023-52994 — kernel: acpi: Fix suspend with Xen PV CVE-2023-52997 — kernel: ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() CVE-2023-53002 — kernel: drm/i915: Fix a memory leak with reused mmap_offset CVE-2023-53006 — kernel: cifs: Fix oops due to uncleared server->smbd_conn in reconnect CVE-2023-53009 — kernel: drm/amdkfd: Add sync after creating vram bo CVE-2023-53010 — kernel: bnxt: Do not read past the end of test names CVE-2023-53012 — kernel: thermal: core: call put_device() only after device_register() fails CVE-2023-53013 — kernel: ptdma: pt_core_execute_cmd() should use spinlock CVE-2023-53014 — kernel: dmaengine: tegra: Fix memory leak in terminate_all() CVE-2023-53015 — kernel: HID: betop: check shape of output reports CVE-2023-53024 — kernel: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation CVE-2023-53025 — kernel: NFSD: fix use-after-free in nfsd4_ssc_setup_dul() CVE-2023-53026 — kernel: RDMA/core: Fix ib block iterator counter overflow CVE-2023-53028 — kernel: Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()" CVE-2023-53031 — kernel: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section CVE-2023-53036 — kernel: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device CVE-2023-53038 — kernel: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() CVE-2023-53039 — kernel: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function CVE-2023-53042 — kernel: drm/amd/display: Do not set DRR on pipe Commit CVE-2023-53044 — kernel: dm stats: check for and propagate alloc_percpu failure CVE-2023-53050 — kernel: thunderbolt: Fix memory leak in margining CVE-2023-53051 — kernel: dm crypt: add cond_resched() to dmcrypt_write() CVE-2023-53053 — kernel: erspan: do not use skb_mac_header() in ndo_start_xmit() CVE-2023-53056 — kernel: scsi: qla2xxx: Synchronize the IOCB count to be in order CVE-2023-53058 — kernel: net/mlx5: E-Switch, Fix an Oops in error handling code CVE-2023-53060 — kernel: igb: revert rtnl_lock() that causes deadlock CVE-2023-53065 — kernel: perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output CVE-2023-53070 — kernel: ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent CVE-2023-53071 — kernel: wifi: mt76: do not run mt76_unregister_device() on unregistered hw CVE-2023-53072 — kernel: mptcp: use the workqueue to destroy unaccepted sockets CVE-2023-53073 — kernel: perf/x86/amd/core: Always clear status for idx CVE-2023-53077 — kernel: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes CVE-2023-53078 — kernel: scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() CVE-2023-53079 — kernel: net/mlx5: Fix steering rules cleanup CVE-2023-53084 — kernel: drm/shmem-helper: Remove another errant put in error path CVE-2023-53085 — kernel: drm/edid: fix info leak when failing to get panel id CVE-2023-53086 — kernel: wifi: mt76: connac: do not check WED status for non-mmio devices CVE-2023-53087 — kernel: drm/i915/active: Fix misuse of non-idle barriers as fence trackers CVE-2023-53088 — kernel: mptcp: fix UaF in listener shutdown CVE-2023-53089 — kernel: ext4: fix task hung in ext4_xattr_delete_inode CVE-2023-53090 — kernel: drm/amdkfd: Fix an illegal memory access CVE-2023-53095 — kernel: drm/ttm: Fix a NULL pointer dereference CVE-2023-53096 — kernel: interconnect: fix mem leak when freeing nodes CVE-2023-53100 — kernel: ext4: fix WARNING in ext4_update_inline_data CVE-2023-53102 — kernel: ice: xsk: disable txq irq before flushing hw CVE-2023-53103 — kernel: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails CVE-2023-53105 — kernel: net/mlx5e: Fix cleanup null-ptr deref on encap lock CVE-2023-53107 — kernel: veth: Fix use after free in XDP_REDIRECT CVE-2023-53108 — kernel: net/iucv: Fix size of interrupt data CVE-2023-53110 — kernel: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler() CVE-2023-53112 — kernel: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access CVE-2023-53113 — kernel: wifi: nl80211: fix NULL-ptr deref in offchan check CVE-2023-53114 — kernel: i40e: Fix kernel crash during reboot when adapter is in recovery mode CVE-2023-53116 — kernel: nvmet: avoid potential UAF in nvmet_req_complete() CVE-2023-53120 — kernel: scsi: mpi3mr: Fix config page DMA memory leak CVE-2023-53121 — kernel: tcp: tcp_make_synack() can be called from process context CVE-2023-53124 — kernel: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() CVE-2023-53126 — kernel: scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove() CVE-2023-53129 — kernel: ext4: Fix deadlock during directory rename CVE-2023-53132 — kernel: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove() CVE-2023-53168 — kernel: usb: ucsi_acpi: Increase the command completion timeout CVE-2023-53171 — kernel: Linux kernel: Denial of Service in vfio/type1 due to locked_vm underflow CVE-2023-53185 — kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes CVE-2023-53188 — kernel: net: openvswitch: fix race on port output CVE-2023-53197 — kernel: USB: uhci: fix memory leak with using debugfs_lookup() CVE-2023-53198 — kernel: raw: Fix NULL deref in raw_get_next() CVE-2023-53205 — kernel: KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler CVE-2023-53211 — kernel: Linux kernel: Memory leak in driver core location can lead to denial of service CVE-2023-53213 — kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-53218 — kernel: rxrpc: Make it so that a waiting process can be aborted CVE-2023-53224 — kernel: ext4: Fix function prototype mismatch for ext4_feat_ktype CVE-2023-53229 — kernel: wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta CVE-2023-53232 — kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data CVE-2023-53233 — kernel: Linux kernel: Denial of Service via deadlock in net/smc CVE-2023-53241 — kernel: nfsd: call op_release, even when op_func returns an error CVE-2023-53245 — kernel: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts CVE-2023-53254 — kernel: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels CVE-2023-53268 — kernel: ASoC: fsl_mqs: move of_node_put() to the correct location CVE-2023-53292 — kernel: blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none CVE-2023-53296 — kernel: sctp: check send stream number after wait_for_sndbuf CVE-2023-53299 — kernel: md/raid10: fix leak of 'r10bio->remaining' for recovery CVE-2023-53319 — kernel: Linux kernel KVM: Denial of Service due to incorrect kvm_arm_init failure handling in finalize_pkvm CVE-2023-53320 — kernel: scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info() CVE-2023-53333 — kernel: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one CVE-2023-53334 — kernel: USB: chipidea: fix memory leak with using debugfs_lookup() CVE-2023-53359 — kernel: USB: fix memory leak with using debugfs_lookup() CVE-2023-53363 — kernel: PCI: Fix use-after-free in pci_bus_release_domain_nr() CVE-2023-53366 — kernel: block: be a bit more careful in checking for NULL bdev while polling CVE-2023-53372 — kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip CVE-2023-53376 — kernel: scsi: mpi3mr: Use number of bits to manage bitmap sizes CVE-2023-53383 — kernel: Linux kernel: Denial of Service due to GIC state corruption on NVIDIA T241 platforms CVE-2023-53387 — kernel: Linux kernel: Denial of Service in UFS subsystem CVE-2023-53390 — kernel: drivers: base: dd: fix memory leak with using debugfs_lookup() CVE-2023-53392 — kernel: HID: intel-ish-hid: Fix kernel panic during warm reset CVE-2023-53398 — kernel: mlx5: fix possible ptp queue fifo use-after-free CVE-2023-53400 — kernel: Linux kernel: ALSA HDA denial of service via array overflow CVE-2023-53408 — kernel: trace/blktrace: fix memory leak with using debugfs_lookup() CVE-2023-53409 — kernel: drivers: base: component: fix memory leak with using debugfs_lookup() CVE-2023-53410 — kernel: USB: ULPI: fix memory leak with using debugfs_lookup() CVE-2023-53422 — kernel: wifi: iwlwifi: fw: fix memory leak in debugfs CVE-2023-53430 — kernel: wifi: mt76: dma: fix memory leak running mt76_dma_tx_cleanup CVE-2023-53431 — kernel: Linux kernel: Denial of Service in scsi_ses due to enclosure with no components CVE-2023-53433 — kernel: net: add vlan_get_protocol_and_depth() helper CVE-2023-53437 — kernel: media: uvcvideo: Handle cameras with invalid descriptors CVE-2023-53443 — kernel: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak CVE-2023-53453 — kernel: drm/radeon: free iio for atombios when driver shutdown CVE-2023-53461 — kernel: Linux kernel: Denial of Service in io_uring due to hung task detection CVE-2023-53464 — kernel: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() CVE-2023-53466 — kernel: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit CVE-2023-53477 — kernel: ipv6: Add lwtunnel encap size of all siblings in nexthop calculation CVE-2023-53479 — kernel: Linux kernel CXL driver: Use-after-free vulnerability leading to system instability or privilege escalation CVE-2023-53489 — kernel: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp CVE-2023-53492 — kernel: netfilter: nf_tables: do not ignore genmask when looking up chain by id CVE-2023-53499 — kernel: virtio_net: Fix error unwinding of XDP initialization CVE-2023-53511 — kernel: Linux kernel: Denial of Service due to file descriptor leak in io_uring with ocfs2 CVE-2023-53512 — kernel: scsi: mpt3sas: Fix a memory leak CVE-2023-53517 — kernel: Linux kernel: Denial of Service via malicious MTU negotiation in TIPC CVE-2023-53521 — kernel: scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() CVE-2023-53524 — kernel: Linux kernel: Integer overflow in iwlwifi debugfs function CVE-2023-53532 — kernel: wifi: ath11k: fix deinitialization of firmware resources CVE-2023-53549 — kernel: netfilter: ipset: Rework long task execution when adding/deleting entries CVE-2023-53553 — kernel: HID: hyperv: avoid struct memcpy overrun warning CVE-2023-53556 — kernel: Linux kernel iavf driver: Denial of Service via use-after-free vulnerability CVE-2023-53561 — kernel: net: wwan: iosm: fix NULL pointer dereference when removing device CVE-2023-53563 — kernel: cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver CVE-2023-53566 — kernel: netfilter: nft_set_rbtree: fix null deref on element insertion CVE-2023-53575 — kernel: wifi: iwlwifi: mvm: fix potential array out of bounds access CVE-2023-53576 — kernel: null_blk: Always check queue mode setting from configfs CVE-2023-53578 — kernel: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() CVE-2023-53582 — kernel: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds CVE-2023-53591 — kernel: net/mlx5e: Fix deadlock in tc route query code CVE-2023-53594 — kernel: driver core: fix resource leak in device_add() CVE-2023-53598 — kernel: bus: mhi: host: Range check CHDBOFF and ERDBOFF CVE-2023-53602 — kernel: wifi: ath11k: fix memory leak in WMI firmware stats CVE-2023-53605 — kernel: drm: amd: display: Fix memory leakage CVE-2023-53607 — kernel: ALSA: ymfpci: Fix BUG_ON in probe function CVE-2023-53609 — kernel: scsi: Revert "scsi: core: Do not increase scsi_device's iorequest_cnt if dispatch failed" CVE-2023-53620 — kernel: md: fix soft lockup in status_resync CVE-2023-53623 — kernel: mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() CVE-2023-53624 — kernel: net/sched: sch_fq: fix integer overflow of "credit" CVE-2023-53625 — kernel: drm/i915/gvt: fix vgpu debugfs clean in remove CVE-2023-53626 — kernel: ext4: fix possible double unlock when moving a directory CVE-2023-53634 — kernel: bpf, arm64: Fixed a BTI error on returning to patched function CVE-2023-53635 — kernel: netfilter: conntrack: fix wrong ct->timeout value CVE-2023-53639 — kernel: wifi: ath6kl: reduce WARN to dev_dbg() in callback CVE-2023-53640 — kernel: ASoC: lpass: Fix for KASAN use_after_free out of bounds CVE-2023-53641 — kernel: wifi: ath9k: hif_usb: fix memory leak of remain_skbs CVE-2023-53643 — kernel: nvme-tcp: don't access released socket during error recovery CVE-2023-53646 — kernel: drm/i915/perf: add sentinel to xehp_oa_b_counters CVE-2023-53656 — kernel: drivers/perf: hisi: Don't migrate perf to the CPU going to teardown CVE-2023-53669 — kernel: tcp: fix skb_copy_ubufs() vs BIG TCP CVE-2023-53670 — kernel: nvme-core: fix dev_pm_qos memleak CVE-2023-53671 — kernel: srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL CVE-2023-53675 — kernel: scsi: ses: Fix possible desc_ptr out-of-bounds accesses CVE-2023-53677 — kernel: drm/i915: Fix memory leaks in i915 selftests CVE-2023-53678 — kernel: drm/i915: Fix system suspend without fbdev being initialized CVE-2023-53679 — kernel: wifi: mt7601u: fix an integer underflow CVE-2023-53705 — kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() CVE-2023-53706 — kernel: mm/vmemmap/devdax: fix kernel crash when probing devdax devices CVE-2023-53710 — kernel: wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read CVE-2023-53716 — kernel: Linux kernel: Network subsystem memory leak CVE-2023-53717 — kernel: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() CVE-2023-53746 — kernel: s390/vfio-ap: fix memory leak in vfio_ap device driver CVE-2023-53753 — kernel: drm/amd/display: fix mapping to non-allocated address CVE-2023-53755 — kernel: dmaengine: ptdma: check for null desc before calling pt_cmd_callback CVE-2023-53756 — kernel: KVM: VMX: Fix crash due to uninitialized current_vmcs CVE-2023-53760 — kernel: Linux kernel: Denial of Service due to deadlock in Universal Flash Storage driver CVE-2023-53764 — kernel: wifi: ath12k: Handle lock during peer_id find CVE-2023-53767 — kernel: Linux kernel: Denial of Service via memory leak in ath12k Wi-Fi driver CVE-2023-53780 — kernel: drm/amd/display: fix FCLK pstate change underflow CVE-2023-53786 — kernel: dm flakey: fix a crash with invalid table line CVE-2023-53789 — kernel: iommu/amd: Improve page fault error reporting CVE-2023-53792 — kernel: nvme-core: fix memory leak in dhchap_ctrl_secret CVE-2023-53795 — kernel: iommufd: IOMMUFD_DESTROY should not increase the refcount CVE-2023-53803 — kernel: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() CVE-2023-53814 — kernel: PCI: Fix dropping valid root bus resources with .end = zero CVE-2023-53816 — kernel: drm/amdkfd: fix potential kgd_mem UAFs CVE-2023-53832 — kernel: md/raid10: fix null-ptr-deref in raid10_sync_request CVE-2023-53852 — kernel: nvme-core: fix memory leak in dhchap_secret_store CVE-2023-53866 — kernel: ASoC: soc-compress: Reposition and add pcm_mutex CVE-2023-53867 — kernel: ceph: fix potential use-after-free bug when trimming caps CVE-2023-54004 — kernel: Linux kernel UDPLITE: Denial of Service via null pointer dereference CVE-2023-54011 — kernel: scsi: mpi3mr: Fix an issue found by KASAN CVE-2023-54015 — kernel: net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device CVE-2023-54024 — kernel: Linux kernel KVM: Memory leak via coalesced MMIO unregistration failure CVE-2023-54029 — kernel: wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO CVE-2023-54034 — kernel: Kernel (iommufd): Information Disclosure via uninitialized memory padding CVE-2023-54036 — kernel: Linux kernel: Denial of Service due to memory leak in rtl8xxxu Wi-Fi driver CVE-2023-54037 — kernel: Linux kernel: Denial of Service in ice driver via ethtool reload CVE-2023-54040 — kernel: Linux kernel: Denial of Service due to incorrect FDIR filter fallback logic CVE-2023-54041 — kernel: Linux kernel: Memory leak in io_uring can lead to denial of service CVE-2023-54043 — kernel: iommufd: Do not add the same hwpt to the ioas->hwpt_list twice CVE-2023-54053 — kernel: Linux kernel: Denial of Service in iwlwifi due to NULL pointer dereference CVE-2023-54055 — kernel: Linux kernel: Memory leak in RDMA/irdma subsystem leads to Denial of Service CVE-2023-54057 — kernel: iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter CVE-2023-54071 — kernel: wifi: rtw88: use work to update rate to avoid RCU warning CVE-2023-54073 — kernel: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site CVE-2023-54074 — kernel: Linux kernel: Denial of Service in mlx5e due to incorrect encap attribute handling CVE-2023-54085 — kernel: Linux kernel: Denial of Service due to NULL pointer dereference in mptcp fastopen CVE-2023-54088 — kernel: blk-cgroup: hold queue_lock when removing blkg->q_node CVE-2023-54092 — kernel: KVM: s390: pv: fix index value of replaced ASCE CVE-2023-54097 — kernel: Linux kernel: Memory leak in stm32-pwr regulator driver can lead to denial of service CVE-2023-54098 — kernel: Kernel: NULL pointer dereference in Intel GVT-g debugfs during device removal CVE-2023-54102 — kernel: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow CVE-2023-54108 — kernel: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests CVE-2023-54123 — kernel: Kernel: Denial of Service due to memory leak in RAID10 functionality CVE-2023-54129 — kernel: octeontx2-af: Add validation for lmac type CVE-2023-54131 — kernel: Linux kernel rt2x00 Wi-Fi driver: Denial of Service via memory leak during device removal CVE-2023-54144 — kernel: drm/amdkfd: Fix kernel warning during topology setup CVE-2023-54174 — kernel: vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd CVE-2023-54176 — kernel: mptcp: stricter state check in mptcp_worker CVE-2023-54191 — kernel: Linux kernel: Memory leak in mt76 Wi-Fi driver leads to Denial of Service CVE-2023-54195 — kernel: rxrpc: Fix timeout of a call that hasn't yet been granted a channel CVE-2023-54200 — kernel: Linux kernel: netfilter use-after-free vulnerability leading to denial of service CVE-2023-54202 — kernel: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl CVE-2023-54206 — kernel: net/sched: flower: fix filter idr initialization CVE-2023-54216 — kernel: net/mlx5e: TC, Fix using eswitch mapping in nic mode CVE-2023-54233 — kernel: ASoC: SOF: avoid a NULL dereference with unsupported widgets CVE-2023-54234 — kernel: scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization CVE-2023-54238 — kernel: Linux kernel: Denial of Service in mlx5 driver due to memory leaks CVE-2023-54239 — kernel: iommufd: Check for uptr overflow CVE-2023-54245 — kernel: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds CVE-2023-54259 — kernel: soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow CVE-2023-54262 — kernel: net/mlx5e: Don't clone flow post action attributes second time CVE-2023-54265 — kernel: ipv6: Fix an uninit variable access bug in __ip6_make_skb() CVE-2023-54269 — kernel: SUNRPC: double free xprt_ctxt while still in use CVE-2023-54270 — kernel: media: usb: siano: Fix use after free bugs caused by do_submit_urb CVE-2023-54273 — kernel: Linux kernel: Denial of Service due to xfrm resource leak CVE-2023-54275 — kernel: Linux kernel: Memory leak in ath11k Wi-Fi driver leads to Denial of Service CVE-2023-54276 — kernel: nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net CVE-2023-54286 — kernel: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace CVE-2023-54294 — kernel: md/raid10: fix memleak of md thread CVE-2023-54300 — kernel: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx CVE-2023-54306 — kernel: net: tls: avoid hanging tasks on the tx_lock CVE-2023-54308 — kernel: ALSA: ymfpci: Create card with device-managed snd_devm_card_new() CVE-2023-54309 — kernel: tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation CVE-2023-54317 — kernel: dm flakey: don't corrupt the zero page CVE-2023-54320 — kernel: platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2() CVE-2023-54321 — kernel: driver core: fix potential null-ptr-deref in device_add() CVE-2023-54325 — kernel: crypto: qat - fix out-of-bounds read CVE-2024-0443 — kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline. CVE-2024-26649 — kernel: null pointer when load rlc firmware CVE-2024-57876 — kernel: drm/dp_mst: Fix resetting msg rx state after topology removal