- driver core: bus: Fix double free in driver API bus_register() {CVE-2024-50055} - net: tun: Fix use-after-free in tun_detach() {CVE-2022-49014} - memcg: fix possible use-after-free in memcg_write_event_control() {CVE-2022-48988} - ppp: fix ppp_async_encode() illegal access {CVE-2024-50035} - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error {CVE-2024-47698} - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails {CVE-2022-49029} - tipc: guard against string buffer overrun {CVE-2024-49995} - ext4: fix double brelse() the buffer of the extents path {CVE-2024-49882} - ACPI: sysfs: validate return type of _STR method {CVE-2024-49860} - ext4: aovid use-after-free in ext4_ext_insert_extent() {CVE-2024-49883} - ext4: no need to continue when the number of entries is 1 {CVE-2024-49967} - padata: Fix possible divide-by-0 panic in padata_mt_helper() {CVE-2024-43889} - hwmon: (coretemp) Check for null before removing sysfs attrs {CVE-2022-49010} - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error {CVE-2024-47697} - wifi: ath11k: fix array out-of-bound access in SoC stats {CVE-2024-49930} - ipv6: avoid use-after-free in ip6_fragment() {CVE-2022-48956} - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() {CVE-2024-47685} - drm/i915/gt: Fix potential UAF by revoke of fence registers {CVE-2024-41092} - slip: make slhc_remember() more robust against malicious packets {CVE-2024-50033} - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991} - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073} - ext4: fix timer use-after-free on failed mount {CVE-2024-49960} - ext4: avoid use-after-free in ext4_ext_show_leaf() {CVE-2024-49889} - mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745} - firmware_loader: Block path traversal {CVE-2024-47742} - ext4: avoid OOB when system.data xattr changes underneath the filesystem {CVE-2024-47701} - tcp: drop the hash_32() part from the index calculation {CVE-2022-1012} - tcp: increase source port perturb table to 2^16 {CVE-2022-1012} - tcp: dynamically allocate the perturb table used by source ports {CVE-2022-1012} - net: dccp: fix kernel crash on module load {CVE-2022-1012} - net: dccp: initialize (addr,port) listening hashtable {CVE-2022-1012} - tcp: add small random increments to the source port {CVE-2022-1012} - tcp: resalt the secret every 10 seconds {CVE-2022-1012} - tcp: use different parts of the port_offset for index and offset {CVE-2022-1012} - secure_seq: use the 64 bits of the siphash for port offset calculation {CVE-2022-1012} - Revert "[ELSCVE-6395] secure_seq: use the 64 bits of the siphash for port offset calculation" {CVE-2022-1012} - tcp: add some entropy in __inet_hash_connect() {CVE-2022-1012} - tcp: change source port randomizarion at connect() time {CVE-2022-1012} - esp: limit skb_page_frag_refill use to a single page {CVE-2022-27666} - drm/vmwgfx: Fix stale file descriptors on failed usercopy {CVE-2022-22942} - PM-runtime: add tracepoints for usage_count changes {CVE-2022-0330} - fget: clarify and improve __fget_files() implementation {CVE-2021-4083} - proc/fd: In proc_fd_link use fget_task {CVE-2021-4083} - kcmp: In kcmp_epoll_target use fget_task {CVE-2021-4083} - file: Rename __fcheck_files to files_lookup_fd_raw {CVE-2021-4083} - fget: check that the fd still exists after getting a ref to it {CVE-2021-4083} - Revert "[ELSCVE-2732] fget: check that the fd still exists after getting a ref to it" {CVE-2021-4083} - file: Replace fcheck_files with files_lookup_fd_rcu {CVE-2021-4083} - file: Factor files_lookup_fd_locked out of fcheck_files {CVE-2021-4083}