- sch/netem: fix use after free in netem_dequeue {CVE-2024-46800} - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738} - drm/amdgpu: Fix out-of-bounds write warning {CVE-2024-46725} - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724} - drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723} - drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722} - scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673} - ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - dev/parport: fix the array out-of-bounds risk {CVE-2024-42301} - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs {CVE-2024-42285} - tipc: Return non-zero value from tipc_udp_addr2str() on error {CVE-2024-42284} - mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280} - nvme: avoid double free special payload {CVE-2024-41073} - wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - xfs: don't walk off the end of a directory data block {CVE-2024-41013} - tunnels: fix out of bounds access when building IPv6 PMTU error {CVE-2024-26665} - KVM: x86/mmu: make apf token non-zero to fix bug {CVE-2022-48943} - cifs: fix double free race when mount fails in cifs_get_root() {CVE-2022-48919} - netfilter: fix use-after-free in __nf_register_net_hook() {CVE-2022-48912} - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() {CVE-2022-48742} - selinux: fix double free of cond_list on error paths {CVE-2022-48740} - ALSA: hda: Fix UAF of leds class devs at unbinding {CVE-2022-48735} - drm/nouveau: fix off by one in BIOS boundary checking {CVE-2022-48732} - mm, slub: fix potential memoryleak in kmem_cache_open() {CVE-2021-47466} - x86/coco: Disable 32-bit emulation by default on TDX and SEV {CVE-2024-25744} - x86: Make IA32_EMULATION boot time configurable {CVE-2024-25744} - x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() {CVE-2024-25744} - x86/elf: Make loading of 32bit processes depend on ia32_enabled() {CVE-2024-25744} - x86/entry: Rename ignore_sysret() {CVE-2024-25744} - x86/cpu: Don't write CSTAR MSR on Intel CPUs {CVE-2024-25744} - x86: Introduce ia32_enabled() {CVE-2024-25744} - x86/asm/64: Change all ENTRY+END to SYM_CODE_* {CVE-2024-25744} - x86/head/64: Annotate start_cpu0() as non-callable {CVE-2024-25744} - x86/asm: Do not annotate functions with GLOBAL {CVE-2024-25744} - kprobes/x86/xen: blacklist non-attachable xen interrupt functions {CVE-2024-25744} - x86/asm/64: Add ENDs to some functions and relabel with SYM_CODE_* {CVE-2024-25744} - x86/asm: Use SYM_INNER_LABEL instead of GLOBAL {CVE-2024-25744} - x86/asm: Annotate aliases {CVE-2024-25744} - x86/asm/crypto: Annotate local functions {CVE-2024-25744} - scsi: qedf: Make qedf_execute_tmf() non-preemptible {CVE-2024-42124} - ftruncate: pass a signed offset {CVE-2024-42084} - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor {CVE-2024-41035} - xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014} - drm/radeon: fix UBSAN warning in kv_dpm.c {CVE-2024-40988} - ring-buffer: Fix a race between readers and resize checks {CVE-2024-38601} - Input: cyapa - add missing input core locking to suspend/resume functions {CVE-2023-52884} - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() {CVE-2023-52840} - wifi: ath11k: fix htt pktlog locking {CVE-2023-52800} - wifi: ath11k: fix dfs radar event locking {CVE-2023-52798} - ACPI: LPIT: Avoid u32 multiplication overflow {CVE-2023-52683} - ACPI: extlog: fix NULL pointer dereference check {CVE-2023-52605} - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect {CVE-2023-52478} - USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760} - phylib: fix potential use-after-free {CVE-2022-48754} - serial: core: fix transmit-buffer reset and memleak {CVE-2021-47527} - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells {CVE-2021-47497} - mlxsw: thermal: Fix out-of-bounds memory accesses {CVE-2021-47441} - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs {CVE-2021-47393} - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47386} - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47385} - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47384} - virtio-net: Add validation for used length {CVE-2021-47352} - watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321} - ACPI: fix NULL pointer dereference {CVE-2021-47289} - ipv6: prevent possible NULL dereference in rt6_probe() {CVE-2024-40960} - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() {CVE-2024-40959} - wifi: iwlwifi: mvm: don't read past the mfuart notifcation {CVE-2024-40941} - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929} - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() {CVE-2024-40912} - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages {CVE-2024-40904} - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901} - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet {CVE-2024-39506} - vmci: prevent speculation leaks by sanitizing event in event_deliver() {CVE-2024-39499} - crypto: bcm - Fix pointer arithmetic {CVE-2024-38579} - scsi: qedf: Ensure the copied buf is NUL terminated {CVE-2024-38559} - net: openvswitch: fix overwriting ct original tuple for ICMPv6 {CVE-2024-38558} - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload {CVE-2024-36919} - netfilter: complete validation of user input {CVE-2024-35962} - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() {CVE-2024-35944} - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() {CVE-2024-26894} - dm: call the resume method on internal suspend {CVE-2024-26880} - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855} - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again {CVE-2024-26720} - tracing: Ensure visibility when inserting an element into tracing_map {CVE-2024-26645} - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() {CVE-2023-52809} - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() {CVE-2023-52470} - Input: add bounds checking to input_set_capability() {CVE-2022-48619} - tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383} - bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148} - net: do not leave a dangling sk pointer, when socket creation fails {CVE-2024-40954} - media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900} - fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940} - PCI/MSI: Fix UAF in msi_capability_init {CVE-2024-41096}