Tuxcare Errata System 0.0.1 5.10 2026-04-17T17:51:10 Oracle Linux 7 - Version was updated Critical TuxCare License Agreement CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-38428: properly re-implement userinfo parsing (rfc2396) Critical TuxCare License Agreement CVE-2024-38428 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter Important TuxCare License Agreement CVE-2024-11233 CVE-2024-11234 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Port side-channel silent functions from 3.4.1. Partially fix for CVE-2018-16869 - CVE-2018-16869: Add side-channel silent memory, math, PKCS1, RSA functions - Added tests for side-channel silent implementations Moderate TuxCare License Agreement CVE-2018-16869 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Version was updated Important TuxCare License Agreement CVE-2024-7592 CVE-2024-6232 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Keep the broken pkcs11 tests disabled. - Added CVE-2024-0567 PoC test. - CVE-2023-5981-pre1: improve level of randomness for each operations, always use _gnutls_switch_lib_state for pk wrappers. - CVE-2023-5981-pre2: add constant time/cache operations to prevent or minimaze timining or cache side channel attacks. - CVE-2023-5981: removes branching that depends on secret data to prevent potential side-channel attack. - CVE-2024-0553: minimize branching after decryption. Important TuxCare License Agreement CVE-2024-0553 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Version was updated Important TuxCare License Agreement CVE-2024-25062 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Update version to 3.6.8-21.0.1.tuxcare.els1 Important TuxCare License Agreement CVE-2024-7592 CVE-2024-6232 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-12085: fix to prevent information leak off the stack Important TuxCare License Agreement CVE-2024-12085 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-12087: fix path traversal vulnerability in rsync enabled by the '--inc-recursive' option - CVE-2024-12088: make --safe-links stricter Moderate TuxCare License Agreement CVE-2024-12088 CVE-2024-12087 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-12747: fix symlink race condition in sender Moderate TuxCare License Agreement CVE-2024-12747 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-9287: fix path names quoting to prevent command injection in virtual environment activation scripts Important TuxCare License Agreement CVE-2024-9287 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-27113: fix compilation of explicit child axis Important TuxCare License Agreement CVE-2025-27113 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-11187: fix Denial of Service via Additional Section Resource Exhaustion in BIND 9 Important TuxCare License Agreement CVE-2024-11187 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes Important TuxCare License Agreement CVE-2025-0840 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2022-30522: fix possible DoS Important TuxCare License Agreement CVE-2022-30522 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - HID: core: zero-initialize the report buffer {CVE-2024-50302} - Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()" - drm/amd/amdgpu: Fix GPR read from debugfs (v2) {CVE-2024-50282} - USB: serial: io_edgeport: fix use after free in debug printk {CVE-2024-50267} - wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234} - udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143} - Update dependency for shim and signing key Important TuxCare License Agreement CVE-2024-53142 CVE-2024-56650 CVE-2024-53141 CVE-2024-46813 CVE-2024-50267 CVE-2024-50143 CVE-2024-53104 CVE-2022-3640 CVE-2024-35849 CVE-2024-53239 CVE-2024-57798 CVE-2024-26689 CVE-2024-56603 CVE-2024-53173 CVE-2024-53150 CVE-2024-53103 CVE-2024-26791 CVE-2024-50115 CVE-2024-53057 CVE-2024-49967 CVE-2024-47745 CVE-2024-50007 CVE-2024-50055 CVE-2024-49889 CVE-2024-49991 CVE-2024-46818 CVE-2024-44970 CVE-2024-46750 CVE-2024-46756 CVE-2024-46731 CVE-2024-46758 CVE-2024-46757 CVE-2024-46724 CVE-2024-46800 CVE-2024-46723 CVE-2024-46722 CVE-2024-44940 CVE-2024-41071 CVE-2024-42301 CVE-2024-42280 CVE-2024-38600 CVE-2024-38570 CVE-2024-42228 CVE-2024-36971 CVE-2024-50302 CVE-2024-26898 CVE-2024-0775 CVE-2022-1011 CVE-2024-53227 CVE-2024-56605 CVE-2024-56759 CVE-2024-56551 CVE-2024-26882 CVE-2024-38538 CVE-2024-42148 CVE-2024-43900 CVE-2024-43882 CVE-2024-46673 CVE-2024-44987 CVE-2024-46738 CVE-2024-50073 CVE-2024-47701 CVE-2024-50035 CVE-2024-47742 CVE-2024-49960 CVE-2024-49882 CVE-2024-49860 CVE-2024-49950 CVE-2024-49894 CVE-2024-43839 CVE-2024-50033 CVE-2024-50234 CVE-2021-43975 CVE-2024-56606 CVE-2024-53156 CVE-2024-27043 CVE-2024-47659 CVE-2024-46744 CVE-2024-39494 CVE-2024-56604 CVE-2024-50282 CVE-2024-36960 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Sign by Cloudlinux - CVE-2023-4692: ntfs: checks to ensure that NTFS drive's sector numbers are never written beyond the boundary - CVE-2023-4693: ntfs: fix an out-of-bounds read flaw on NTFS filesystem driver Important TuxCare License Agreement CVE-2023-4693 CVE-2023-4692 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation (openssh bz#3012) [Orabug: 30448895] Moderate TuxCare License Agreement CVE-2025-26465 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - drm: nv04: Fix out of bounds access {CVE-2024-27008} - media: uvcvideo: Fix double free in error path {CVE-2024-57980} Important TuxCare License Agreement CVE-2024-57980 CVE-2024-27008 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-0624: net: Out-of-bounds write in grub_net_search_configfile() - CVE-2025-0690: read: Integer overflow may lead to out-of-bounds write - CVE-2025-1118: commands/dump: The dump command is not in lockdown when secure boot is enabled - CVE-2025-0678: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data - CVE-2025-1125: fs/hfs: Integer overflow may lead to heap based out-of-bounds write Important TuxCare License Agreement CVE-2024-45783 CVE-2024-45775 CVE-2024-56737 CVE-2025-0690 CVE-2024-45781 CVE-2024-45776 CVE-2025-0678 CVE-2024-45774 CVE-2025-0622 CVE-2024-45777 CVE-2025-1118 CVE-2024-45780 CVE-2025-0689 CVE-2025-0624 CVE-2024-45782 CVE-2025-1125 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-52531: fix buffer overflow caused by conversion to UTF-8 Critical TuxCare License Agreement CVE-2024-52531 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-2496: Fix NULL pointer dereference in udevConnectListAllInterfaces() function Moderate TuxCare License Agreement CVE-2024-2496 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - sctp: sysctl: auth_enable: avoid using current->nsproxy - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy {CVE-2025-21640} - bpf: Use preempt_count() directly in bpf_send_signal_common() - Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy" - jfs: fix slab-out-of-bounds read in ea_get() - serial: 8250_dma: terminate correct DMA in tx_dma_flush() - Revert "sctp: sysctl: auth_enable: avoid using current->nsproxy" - net: usb: usbnet: restore usb%d name exception for local mac addresses - vlan: fix memory leak in vlan_newlink() {CVE-2022-49636} - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity - LTS tag: v5.4.291 - eeprom: digsy_mtc: Make GPIO lookup table match the device - slimbus: messaging: Free transaction ID in delayed interrupt scenario {CVE-2025-21914} - intel_th: pci: Add Panther Lake-P/U support - intel_th: pci: Add Panther Lake-H support - intel_th: pci: Add Arrow Lake support - Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982} - xhci: pci: Fix indentation in the PCI device ID definitions - usb: gadget: Check bmAttributes only if configuration is valid - usb: gadget: Fix setting self-powered state on suspend - usb: gadget: Set self-powered based on MaxPower and bmAttributes - usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality - usb: typec: ucsi: increase timeout for PPM reset operations - usb: atm: cxacru: fix a flaw in existing endpoint checks {CVE-2025-21916} - usb: renesas_usbhs: Flush the notify_hotplug_work {CVE-2025-21917} - usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader - usb: renesas_usbhs: Use devm_usb_get_phy() - usb: renesas_usbhs: Call clk_put() - Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" - gpio: rcar: Fix missing of_node_put() call - net: ipv6: fix missing dst ref drop in ila lwtunnel - net: ipv6: fix dst ref loop in ila lwtunnel - net-timestamp: support TCP GSO case for a few missing flags - vlan: enforce underlying device type {CVE-2025-21920} - ppp: Fix KMSAN uninit-value warning with bpf {CVE-2025-21922} - be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink - drm/sched: Fix preprocessor guard - hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() - llc: do not use skb_get() before dev_queue_xmit() {CVE-2025-21925} - hwmon: (ad7314) Validate leading zero bits and return error - hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table - hwmon: (pmbus) Initialise page count in pmbus_identify() - caif_virtio: fix wrong pointer check in cfv_probe() {CVE-2025-21904} - net: gso: fix ownership in __udp_gso_segment {CVE-2025-21926} - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() {CVE-2025-21928} - HID: google: fix unused variable warning under !CONFIG_ACPI - wifi: iwlwifi: limit printed string from FW file {CVE-2025-21905} - mm/page_alloc: fix uninitialized variable - rapidio: fix an API misues when rio_add_net() fails {CVE-2025-21934} - rapidio: add check for rio_add_net() in rio_scan_alloc_net() - wifi: nl80211: reject cooked mode if it is set along with other flags {CVE-2025-21909} - wifi: cfg80211: regulatory: improve invalid hints checking {CVE-2025-21910} - x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 - x86/cpu: Validate CPUID leaf 0x2 EDX output - x86/cacheinfo: Validate CPUID leaf 0x2 EDX output - platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e - drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M - ALSA: hda/realtek: update ALC222 depop optimize - ALSA: hda: intel: Add Dell ALC3271 to power_save denylist - HID: appleir: Fix potential NULL dereference at raw event handle {CVE-2025-21948} - Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" - drm/amdgpu: disable BAR resize on Dell G5 SE - drm/amdgpu: Check extended configuration space register when system uses large bar - drm/amdgpu: skip BAR resizing if the bios already did it - acct: perform last write from workqueue {CVE-2025-21846} - kernel/acct.c: use dedicated helper to access rlimit values - kernel/acct.c: use #elif instead of #end and #elif - drop_monitor: fix incorrect initialization order {CVE-2025-21862} - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 {CVE-2025-21702} - sched/core: Prevent rescheduling when interrupts are disabled {CVE-2024-58090} - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk - phy: tegra: xusb: reset VBUS & ID OVERRIDE - usbnet: gl620a: fix endpoint checking in genelink_bind() {CVE-2025-21877} - perf/core: Fix low freq setting via IOC_PERIOD - ftrace: Avoid potential division by zero in function_stat_show() - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. - ipvs: Always clear ipvs_property flag in skb_scrub_packet() - ASoC: es8328: fix route from DAC to output - net: cadence: macb: Synchronize stats calculations - sunrpc: suppress warnings for unused procfs functions - batman-adv: Drop unmanaged ELP metric worker {CVE-2025-21823} - batman-adv: Ignore neighbor throughput metrics in error case - acct: block access to kernel internal filesystems - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() {CVE-2025-21848} - tee: optee: Fix supplicant wait loop {CVE-2025-21871} - power: supply: da9150-fg: fix potential overflow - flow_dissector: Fix port range key handling in BPF conversion - flow_dissector: Fix handling of mixed port and port-range keys - net: extract port range fields from fl_flow_key - geneve: Suppress list corruption splat in geneve_destroy_tunnels(). - geneve: Fix use-after-free in geneve_find_dev(). {CVE-2025-21858} - powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h - USB: gadget: f_midi: f_midi_complete to call queue_work {CVE-2025-21859} - usb/gadget: f_midi: Replace tasklet with work - usb/gadget: f_midi: convert tasklets to use new tasklet_setup() API - usb: dwc3: Fix timeout issue during controller enter/exit from halt state - usb: dwc3: Increase DWC3 controller halt timeout - memcg: fix soft lockup in the OOM process {CVE-2024-57977} - mm: update mark_victim tracepoints fields - crypto: testmgr - some more fixes to RSA test vectors - crypto: testmgr - populate RSA CRT parameters in RSA test vectors - crypto: testmgr - fix version number of RSA tests - crypto: testmgr - Fix wrong test case of RSA - crypto: testmgr - fix wrong key length for pkcs1pad - driver core: bus: Fix double free in driver API bus_register() {CVE-2024-50055} - scsi: storvsc: Set correct data length for sending SCSI command without payload - vlan: move dev_put into vlan_dev_uninit - vlan: introduce vlan_dev_free_egress_priority - pps: Fix a use-after-free {CVE-2024-57979} - btrfs: avoid monopolizing a core when activating a swap file - x86/i8253: Disable PIT timer 0 when not in use - parport_pc: add support for ASIX AX99100 - serial: 8250_pci: add support for ASIX AX99100 - can: ems_pci: move ASIX AX99100 ids to pci_ids.h - nilfs2: protect access to buffers with no active references {CVE-2025-21811} - nilfs2: do not force clear folio if buffer is referenced {CVE-2025-21722} - nilfs2: do not output warnings when clearing dirty buffers - alpha: replace hardcoded stack offsets with autogenerated ones - ndisc: extend RCU protection in ndisc_send_skb() {CVE-2025-21760} - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() - arp: use RCU protection in arp_xmit() {CVE-2025-21762} - neighbour: use RCU protection in __neigh_notify() {CVE-2025-21763} - neighbour: delete redundant judgment statements - ndisc: use RCU protection in ndisc_alloc_skb() {CVE-2025-21764} - ipv6: use RCU protection in ip6_default_advmss() {CVE-2025-21765} - ipv4: use RCU protection in inet_select_addr() - ipv4: use RCU protection in rt_is_expired() - net: add dev_net_rcu() helper - net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu() - regmap-irq: Add missing kfree() - partitions: mac: fix handling of bogus partition table {CVE-2025-21772} - gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock - alpha: align stack for page fault and user unaligned trap handlers - serial: 8250: Fix fifo underflow on flush - alpha: make stack 16-byte aligned (most cases) - can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero - can: c_can: fix unbalanced runtime PM disable in error path - USB: serial: option: drop MeiG Smart defines - USB: serial: option: fix Telit Cinterion FN990A name - USB: serial: option: add Telit Cinterion FN990B compositions - USB: serial: option: add MeiG Smart SLM828 - usb: cdc-acm: Fix handling of oversized fragments - usb: cdc-acm: Check control transfer buffer size before access {CVE-2025-21704} - USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk - USB: hub: Ignore non-compliant devices with too many configs or interfaces {CVE-2025-21776} - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths {CVE-2025-21835} - USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone - USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist - USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI - usb: dwc2: gadget: remove of_node reference upon udc_stop - usb: gadget: udc: renesas_usb3: Fix compiler warning - usb: roles: set switch registered flag early on - batman-adv: fix panic during interface removal {CVE-2025-21781} - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V - orangefs: fix a oob in orangefs_debug_write {CVE-2025-21782} - Grab mm lock before grabbing pt lock - vfio/pci: Enable iowrite64 and ioread64 for vfio pci - media: cxd2841er: fix 64-bit division on gcc-9 - gpio: bcm-kona: Add missing newline to dev_err format string - gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ - gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array {CVE-2025-21785} - team: better TEAM_OPTION_TYPE_STRING validation {CVE-2025-21787} - vrf: use RCU protection in l3mdev_l3_out() {CVE-2025-21791} - ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() - HID: multitouch: Add NULL check in mt_input_configured - ocfs2: check dir i_size in ocfs2_find_entry - MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static - ptp: Ensure info->enable callback is always set {CVE-2025-21814} - net/ncsi: wait for the last response to Deselect Package before configuring channel - misc: fastrpc: Fix registered buffer page address - mtd: onenand: Fix uninitialized retlen in do_otp_read() - NFC: nci: Add bounds checking in nci_hci_create_pipe() - nilfs2: fix possible int overflows in nilfs_fiemap() {CVE-2025-21736} - ocfs2: handle a symlink read error correctly {CVE-2024-58001} - vfio/platform: check the bounds of read/write syscalls {CVE-2025-21687} - nvmem: core: improve range check for nvmem_cell_write() - crypto: qce - unregister previously registered algos in error path - crypto: qce - fix goto jump in error path - media: uvcvideo: Remove redundant NULL assignment - media: uvcvideo: Fix event flags in uvc_ctrl_send_events - media: ov5640: fix get_light_freq on auto - soc: qcom: smem_state: fix missing of_node_put in error path - kbuild: Move -Wenum-enum-conversion to W=2 - powerpc/pseries/eeh: Fix get PE state translation - serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use - serial: sh-sci: Drop __initdata macro for port_cfg - soc: qcom: socinfo: Avoid out of bounds read of serial number {CVE-2024-58007} - usb: gadget: f_tcm: Don't prepare BOT write request twice - usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint - usb: gadget: f_tcm: Decrement command ref count on cleanup - usb: gadget: f_tcm: Translate error to sense - wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() {CVE-2025-21744} - HID: hid-sensor-hub: don't use stale platform-data on remove - of: reserved-memory: Fix using wrong number of cells to get property 'alignment' - of: Fix of_find_node_opts_by_path() handling of alias+path+options - of: Correct child specifier used as input of the 2nd nexus node - perf bench: Fix undefined behavior in cmpworker() - clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate - clk: qcom: clk-alpha-pll: fix alpha mode configuration - drm/komeda: Add check for komeda_get_layer_fourcc_list() - KVM: s390: vsie: fix some corner-cases when grabbing vsie pages - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() {CVE-2024-58083} - arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma - binfmt_flat: Fix integer overflow bug on 32 bit systems {CVE-2024-58010} - m68k: vga: Fix I/O defines - s390/futex: Fix FUTEX_OP_ANDN implementation - leds: lp8860: Write full EEPROM, not only half of it - cpufreq: s3c64xx: Fix compilation warning - tun: revert fix group permission check - net: rose: lock the socket in rose_bind() {CVE-2025-21749} - udp: gso: do not drop small packets when PMTU reduces - tg3: Disable tg3 PCIe AER on system reboot - gpu: drm_dp_cec: fix broken CEC adapter properties check - firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry - nvme: handle connectivity loss in nvme_set_queue_count - usb: xhci: Fix NULL pointer dereference on certain command aborts {CVE-2024-57981} - usb: xhci: Add timeout argument in address_device USB HCD callback - net: usb: rtl8150: enable basic endpoint checking {CVE-2025-21708} - net: usb: rtl8150: use new tasklet API - tasklet: Introduce new initialization API - kbuild: userprogs: use correct lld when linking through clang - media: uvcvideo: Remove dangling pointers {CVE-2024-58002} - media: uvcvideo: Only save async fh if success - nilfs2: handle errors that nilfs_prepare_chunk() may return {CVE-2025-21721} - nilfs2: eliminate staggered calls to kunmap in nilfs_rename - nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link - spi-mxs: Fix chipselect glitch - x86/mm: Don't disable PCID when INVLPG has been fixed by microcode - APEI: GHES: Have GHES honor the panic= setting - HID: Wacom: Add PCI Wacom device support - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id - tomoyo: don't emit warning in tomoyo_write_control() {CVE-2024-58085} - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() - mmc: core: Respect quirk_max_rate for non-UHS SDIO card - tun: fix group permission check - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX {CVE-2024-58017} - x86/amd_nb: Restrict init function to AMD-based systems - sched: Don't try to catch up excess steal time. - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling - btrfs: fix use-after-free when attempting to join an aborted transaction {CVE-2025-21753} - btrfs: output the reason for open_ctree() failure - usb: gadget: f_tcm: Don't free command immediately {CVE-2024-58055} - media: uvcvideo: Fix double free in error path {CVE-2024-57980} - HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections - usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE - drivers/card_reader/rtsx_usb: Restore interrupt based detection - ktest.pl: Check kernelrelease return in get_version - NFSD: Reset cb_seq_status after NFS4ERR_DELAY - hexagon: Fix unbalanced spinlock in die() - hexagon: fix using plain integer as NULL pointer warning in cmpxchg - genksyms: fix memory leak when the same symbol is read from *.symref file - genksyms: fix memory leak when the same symbol is added from source - net: sh_eth: Fix missing rtnl lock in suspend/resume path - vsock: Allow retrying on connect() failure - perf trace: Fix runtime error of index out of bounds - net: davicom: fix UAF in dm9000_drv_remove {CVE-2025-21715} - net: rose: fix timer races against user threads {CVE-2025-21718} - PM: hibernate: Add error handling for syscore_suspend() - ipmr: do not call mr_mfc_uses_dev() for unres entries {CVE-2025-21719} - net: fec: implement TSO descriptor cleanup - ubifs: skip dumping tnc tree when zroot is null {CVE-2024-58058} - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read {CVE-2024-58069} - dmaengine: ti: edma: fix OF node reference leaks in edma_driver - module: Extend the preempt disabled section in dereference_symbol_descriptor(). - ocfs2: mark dquot as inactive if failed to start trans while releasing dquot - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails - scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1 - staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() - media: uvcvideo: Propagate buf->error to userspace - media: camif-core: Add check for clk_enable() - media: mipi-csis: Add check for clk_enable() - PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() - media: lmedm04: Handle errors for lme2510_int_read - media: lmedm04: Use GFP_KERNEL for URB allocation/submission. - media: rc: iguanair: handle timeouts - fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() - ARM: dts: mediatek: mt7623: fix IR nodename - arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names - arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property - rdma/cxgb4: Prevent potential integer overflow on 32bit {CVE-2024-57973} - RDMA/mlx4: Avoid false error about access to uninitialized gids array - bpf: Send signals asynchronously if !preemptible {CVE-2025-21728} - perf report: Fix misleading help message about --demangle - perf top: Don't complain about lack of vmlinux when not resolving some kernel samples - padata: fix sysfs store callback check - ktest.pl: Remove unused declarations in run_bisect_test function - perf header: Fix one memory leakage in process_bpf_prog_info() - perf header: Fix one memory leakage in process_bpf_btf() - ASoC: sun4i-spdif: Add clock multiplier settings - tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind - net: sched: Disallow replacing of child qdisc from one parent to another {CVE-2025-21700} - net/mlxfw: Drop hard coded max FW flash image size - net: let net.core.dev_weight always be non-zero {CVE-2025-21806} - clk: analogbits: Fix incorrect calculation of vco rate delta - selftests: harness: fix printing of mismatch values in __EXPECT() - selftests/harness: Display signed values correctly - wifi: wlcore: fix unbalanced pm_runtime calls - regulator: of: Implement the unwind path of of_regulator_match() - team: prevent adding a device which is already a team device lower {CVE-2024-58071} - cpupower: fix TSC MHz calculation - wifi: rtlwifi: pci: wait for firmware loading before releasing memory - wifi: rtlwifi: fix memory leaks and invalid access at probe error path {CVE-2024-58063} - wifi: rtlwifi: remove unused check_buddy_priv {CVE-2024-58072} - wifi: rtlwifi: remove unused dualmac control leftovers - wifi: rtlwifi: remove unused timer and related code - rtlwifi: replace usage of found with dedicated list iterator variable - dt-bindings: mmc: controller: clarify the address-cells description - wifi: rtlwifi: usb: fix workqueue leak when probe fails - wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step - rtlwifi: rtl8192se Rename RT_TRACE to rtl_dbg - wifi: rtlwifi: do not complete firmware loading needlessly - ipmi: ipmb: Add check devm_kasprintf() returned value {CVE-2024-58051} - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table - drm/etnaviv: Fix page property being used for non writecombine buffers - partitions: ldm: remove the initial kernel-doc notation - nbd: don't allow reconnect after disconnect {CVE-2025-21731} - afs: Fix directory format encoding struct - overflow: Allow mixed type arguments - overflow: Correct check_shl_overflow() comment - overflow: Add __must_check attribute to check_*() helpers - rds: ib: Do not attempt to insert RDMA exthdr twice - net: mana: Fix TX CQE error handling {CVE-2023-52532} - net/mlx5: Stop waiting for PCI if pci channel is offline - rds: ib: Fix racy send affinity work cancellation - rds: ib: Make traffic_class visible to user-space - rds: ib: Remove incorrect update of the path record sl and qos_class fields - net: core: reject skb_copy(_expand) for fraglist GSO skbs {CVE-2024-36929} - udp: do not accept non-tunnel GSO skbs landing in a tunnel {CVE-2024-35884} - udp: never accept GSO_FRAGLIST packets - udp: initialize is_flist with 0 in udp_gro_receive - ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494} - sched: sch_cake: add bounds checks to host bulk flow fairness counts {CVE-2025-21647} - udf: Fix use of check_add_overflow() with mixed type arguments - x86/xen: allow larger contiguous memory regions in PV guests - xen: remove a confusing comment on auto-translated guest I/O - ALSA: hda/realtek: Fixup ALC225 depop procedure - ALSA: hda/realtek - Add type for ALC287 - net: loopback: Avoid sending IP packets without an Ethernet header - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() - ocfs2: fix incorrect CPU endianness conversion causing mount failure - Revert "btrfs: avoid monopolizing a core when activating a swap file" - gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). - Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc {CVE-2024-58009} - rds: Make sure transmit path and connection tear-down does not run concurrently - NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() - LTS tag: v5.4.290 - Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals - xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals - drm/v3d: Assign job pointer to NULL before signaling the fence {CVE-2025-21688} - Input: xpad - add support for wooting two he (arm) - Input: xpad - add unofficial Xbox 360 wireless receiver clone - Input: atkbd - map F23 key to support default copilot shortcut - Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() - ext4: fix slab-use-after-free in ext4_split_extent_at() - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - vfio/platform: check the bounds of read/write syscalls {CVE-2025-21687} - net/xen-netback: prevent UAF in xenvif_flush_hash() {CVE-2024-49936} - net: xen-netback: hash.c: Use built-in RCU list checking - signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die - m68k: Add missing mmap_read_lock() to sys_cacheflush() - m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request - ASoC: wm8994: Add depends on MFD core - net: fix data-races around sk->sk_forward_alloc {CVE-2024-53124} - scsi: sg: Fix slab-use-after-free read in sg_release() {CVE-2024-56631} - ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() - irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly - fs/proc: fix softlockup in __read_vmcore (part 2) {CVE-2025-21694} - net: ethernet: xgbe: re-add aneg to supported features in PHY quirks - nvmet: propagate npwg topology - poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() - kheaders: Ignore silly-rename files - hfs: Sanity check the root record - mac802154: check local interfaces before deleting sdata list {CVE-2024-57948} - i2c: mux: demux-pinctrl: check initial mux selection, too - drm/v3d: Ensure job pointer is set to NULL after job completion {CVE-2025-21697} - nfp: bpf: prevent integer overflow in nfp_bpf_event_output() - gtp: Destroy device along with udp socket's netns dismantle. {CVE-2025-21678} - gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). - gtp: use exit_batch_rtnl() method - net: add exit_batch_rtnl() method - net: net_namespace: Optimize the code - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() - sctp: sysctl: rto_min/max: avoid using current->nsproxy - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv {CVE-2024-57892} - ocfs2: correct return value of ocfs2_local_free_info() - phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider - phy: core: fix code style in devm_of_phy_provider_unregister - arm64: dts: rockchip: add hevc power domain clock to rk3328 - arm64: dts: rockchip: add #power-domain-cells to power domain nodes - arm64: dts: rockchip: fix pd_tcpc0 and pd_tcpc1 node position on rk3399 - arm64: dts: rockchip: fix defines in pd_vio node for rk3399 - iio: inkern: call iio_device_put() only on mapped devices - iio: adc: at91: call input_free_device() on allocated iio_dev {CVE-2024-57904} - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() - iio: gyro: fxas21002c: Fix missing data update in trigger handler - iio: adc: ti-ads8688: fix information leak in triggered buffer {CVE-2024-57906} - iio: imu: kmx61: fix information leak in triggered buffer {CVE-2024-57908} - iio: light: vcnl4035: fix information leak in triggered buffer {CVE-2024-57910} - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer - iio: pressure: zpa2326: fix information leak in triggered buffer {CVE-2024-57912} - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind {CVE-2024-57913} - usb: fix reference leak in usb_new_device() - USB: core: Disable LPM only for non-suspended ports - USB: usblp: return error when setting unsupported protocol - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null - USB: serial: cp210x: add Phoenix Contact UPS Device - usb-storage: Add max sectors quirk for Nokia 208 - staging: iio: ad9832: Correct phase range check - staging: iio: ad9834: Correct phase range check - USB: serial: option: add Neoway N723-EA support - USB: serial: option: add MeiG Smart SRM815 - drm/amd/display: increase MAX_SURFACES to the value supported by hw - ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] - ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] - drm/amd/display: Add check for granularity in dml ceil/floor helpers {CVE-2024-57922} - sctp: sysctl: auth_enable: avoid using current->nsproxy - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy {CVE-2025-21640} - dm thin: make get_first_thin use rcu-safe list first function {CVE-2025-21664} - tls: Fix tls_sw_sendmsg error handling - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute {CVE-2025-21653} - tcp/dccp: allow a connection when sk_max_ack_backlog is zero - tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog - net: 802: LLC+SNAP OID:PID lookup on start of skb data - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() - dm array: fix cursor index when skipping across block boundaries - dm array: fix unreleased btree blocks on closing a faulty array cursor - dm array: fix releasing a faulty array block twice in dm_array_cursor_end {CVE-2024-57929} - jbd2: flush filesystem device before updating tail sequence - Revert "NFSD: Limit the number of concurrent async COPY operations" - rds: ib: Avoid sleeping function inside RCU region by using sampled values instead - dm rq: don't queue request to blk-mq during DM suspend {CVE-2021-47498} - dm: rearrange core declarations for extended use from dm-zone.c - cgroup: Make operations on the cgroup root_list RCU safe - uek: kabi: Fix build error for HIDE_INCLUDE macro - oracleasm: Fix PI when use_logical_block_size is set - oracleasm: Add support for per-I/O block size selection - perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() - io_uring: fix possible deadlock in io_register_iowq_max_workers() - io_uring/rw: fix missing NOWAIT check for O_DIRECT start write {CVE-2024-53052} - io_uring: use kiocb_{start,end}_write() helpers - fs: create kiocb_{start,end}_write() helpers - io_uring: rename kiocb_end_write() local helper - io_uring/sqpoll: close race on waiting for sqring entries - io_uring/sqpoll: do not put cpumask on stack - io_uring/sqpoll: retain test for whether the CPU is valid - io_uring/sqpoll: do not allow pinning outside of cpuset - io_uring/io-wq: limit retrying worker initialisation - vfs: check dentry is still valid in get_link() - RDS: avoid queueing delayed work on an offlined cpu - NFSD: Limit the number of concurrent async COPY operations {CVE-2024-49974} - LTS tag: v5.4.289 - mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() - drm: adv7511: Drop dsi single lane support - net/sctp: Prevent autoclose integer overflow in sctp_association_init() - sky2: Add device ID 11ab:4373 for Marvell 88E8075 - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking {CVE-2024-57889} - RDMA/uverbs: Prevent integer overflow issue {CVE-2024-57890} - modpost: fix the missed iteration for the max bit in do_input() - modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host - ARC: build: Try to guess GCC variant of cross compiler - irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base - net: usb: qmi_wwan: add Telit FE910C04 compositions - bpf: fix potential error return - sound: usb: format: don't warn that raw DSD is unsupported - wifi: mac80211: wake the queues in case of failure in resume - ila: serialize calls to nf_register_net_hooks() {CVE-2024-57900} - ALSA: usb-audio: US16x08: Initialize array before use - net: llc: reset skb->transport_header - netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext {CVE-2024-54031} - netfilter: Replace zero-length array with flexible-array member - netrom: check buffer length before accessing it {CVE-2024-57802} - drm/bridge: adv7511_audio: Update Audio InfoFrame properly - drm: bridge: adv7511: Enable SPDIF DAI - RDMA/bnxt_re: Fix max_qp_wrs reported - RDMA/bnxt_re: Fix reporting hw_ver in query_device - RDMA/bnxt_re: Add check for path mtu in modify_qp - RDMA/mlx5: Enforce same type port association for multiport RoCE - net/mlx5: Make API mlx5_core_is_ecpf accept const pointer - IB/mlx5: Introduce and use mlx5_core_is_vf() - Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet {CVE-2024-55916} - selinux: ignore unknown extended permissions {CVE-2024-57931} - ipv6: prevent possible UAF in ip6_xmit() {CVE-2024-44985} - skb_expand_head() adjust skb->truesize incorrectly - btrfs: avoid monopolizing a core when activating a swap file - tracing: Constify string literal data member in struct trace_event_call - bpf: fix recursive lock when verdict program return SK_PASS {CVE-2024-56694} - ipv6: fix possible UAF in ip6_finish_output2() - ipv6: use skb_expand_head in ip6_xmit - ipv6: use skb_expand_head in ip6_finish_output2 - skbuff: introduce skb_expand_head() - MIPS: Probe toolchain support of -msym32 - epoll: Add synchronous wakeup support for ep_poll_callback - virtio-blk: don't keep queue frozen during system suspend {CVE-2024-57946} - scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF - regmap: Use correct format specifier for logging range errors - scsi: megaraid_sas: Fix for a potential deadlock {CVE-2024-57807} - scsi: qla1280: Fix hw revision numbering for ISP1020/1040 - tracing/kprobe: Make trace_kprobe's module callback called after jump_label update - dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset - dmaengine: mv_xor: fix child node refcount handling in early exit - phy: core: Fix that API devm_phy_destroy() fails to destroy the phy - phy: core: Fix that API devm_phy_put() fails to release the phy - phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() - phy: core: Fix an OF node refcount leakage in _of_phy_get() - mtd: diskonchip: Cast an operand to prevent potential overflow - bpf: Check negative offsets in __bpf_skb_min_len() - media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg {CVE-2024-56769} - of: Fix refcount leakage for OF node returned by __of_get_dma_parent() - of: Fix error path in of_parse_phandle_with_args_map() - udmabuf: also check for F_SEAL_FUTURE_WRITE - nilfs2: prevent use of deleted inode {CVE-2024-53690} - NFS/pnfs: Fix a live lock between recalled layouts and layoutget - btrfs: tree-checker: reject inline extent items with 0 ref count - zram: refuse to use zero sized block device as backing device - sh: clk: Fix clk_enable() to return 0 on NULL clk - USB: serial: option: add Telit FE910C04 rmnet compositions - USB: serial: option: add MediaTek T7XX compositions - USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready - USB: serial: option: add MeiG Smart SLM770A - USB: serial: option: add TCL IK512 MBIM & ECM - efivarfs: Fix error on non-existent file - i2c: riic: Always round-up when calculating bus period - chelsio/chtls: prevent potential integer overflow on 32bit - mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk - netfilter: ipset: Fix for recursive locking warning - net: ethernet: bgmac-platform: fix an OF node reference leak - net: hinic: Fix cleanup in create_rxqs/txqs() - ionic: use ee->offset when returning sprom data - net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll - erofs: fix incorrect symlink detection in fast symlink - erofs: fix order >= MAX_ORDER warning due to crafted negative i_size - drm/i915: Fix memory leak by correcting cache object name in error handler - PCI: Add ACS quirk for Broadcom BCM5760X NIC - ALSA: usb: Fix UBSAN warning in parse_audio_unit() - PCI/AER: Disable AER service on suspend - usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc with iommu enabled - net: sched: fix ordering of qlen adjustment {CVE-2024-53164} - kpcimgr: fix flush_icache_range arguments - ftrace: use preempt_enable/disable notrace macros to avoid double fault - nfsd: restore callback functionality for NFSv4.0 - i2c: pnx: Fix timeout in wait functions - of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() - af_packet: fix vlan_get_tci() vs MSG_PEEK {CVE-2024-57902} - af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK {CVE-2024-57901} - mtd: rawnand: fix double free in atmel_pmecc_create_user() - Revert "xen/swiotlb: add alignment check for dma buffers" - vfio/iommu_type1: Fix some sanity checks in detach group - Revert "vfio/iommu_type1: Fix some sanity checks in detach group" - rds: ib: Avoid UAF on RDS Socket's rs_trans_lock - rds: ib: Fix blocked processes related to race in rds_rdma_free_dev_rs_worker() - rds: ib: Fix deterministic UAF in rds_rdma_free_dev_rs_worker() - Revert "KVM: SVM: Add a module parameter to override iommu AVIC usage" - LTS tag: v5.4.288 - ALSA: usb-audio: Fix a DMA to stack memory bug - xen/netfront: fix crash when removing device {CVE-2024-53240} - KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status - blk-iocost: Avoid using clamp() on inuse in __propagate_weights() - blk-iocost: fix weight updates of inner active iocgs - blk-iocost: clamp inuse and skip noops in __propagate_weights() - ACPICA: events/evxfregn: don't release the ContextMutex that was never acquired - net/sched: netem: account for backlog updates from child qdisc {CVE-2024-56770} - qca_spi: Make driver probing reliable - qca_spi: Fix clock speed for multiple QCA7000 - ACPI: resource: Fix memory resource type union access - net: lapb: increase LAPB_HEADER_LEN {CVE-2024-56659} - tipc: fix NULL deref in cleanup_bearer() {CVE-2024-56661} - batman-adv: Do not let TT changes list grows indefinitely - batman-adv: Remove uninitialized data in full table TT response - batman-adv: Do not send uninitialized TT changes - bpf, sockmap: Fix update element with same - xfs: don't drop errno values when we fail to ficlone the entire range - usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer - usb: ehci-hcd: fix call balance of clocks handling routines - usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature - ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() - usb: host: max3421-hcd: Correctly abort a USB request. - LTS tag: v5.4.287 - bpf, xdp: Update devmap comments to reflect napi/rcu usage - ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150} - PCI: rockchip-ep: Fix address translation unit programming - Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()" - modpost: Add .irqentry.text to OTHER_SECTIONS - jffs2: Fix rtime decompressor - jffs2: Prevent rtime decompress memory corruption {CVE-2024-57850} - KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE - KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device - KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* - perf/x86/intel/pt: Fix buffer full but size is 0 case - bpf: fix OOB devmap writes when deleting elements {CVE-2024-56615} - xdp: Simplify devmap cleanup - misc: eeprom: eeprom_93cx6: Add quirk for extra read clock cycle - powerpc/prom_init: Fixup missing powermac #size-cells {CVE-2024-56781} - usb: chipidea: udc: handle USB Error Interrupt if IOC not set - i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock - PCI: Add ACS quirk for Wangxun FF5xxx NICs - PCI: Add 'reset_subordinate' to reset hierarchy below bridge - f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode. {CVE-2024-56586} - nvdimm: rectify the illogical code within nd_dax_probe() - pinctrl: qcom-pmic-gpio: add support for PM8937 - scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset - scsi: st: Don't modify unknown block number in MTIOCGET - leds: class: Protect brightness_show() with led_cdev->led_access mutex - tracing: Use atomic64_inc_return() in trace_clock_counter() - netpoll: Use rcu_access_pointer() in __netpoll_setup - net/neighbor: clear error in case strict check is not set - rocker: fix link status detection in rocker_carrier_init() - ASoC: hdmi-codec: reorder channel allocation list - Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables - wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() - wifi: ipw2x00: libipw_rx_any(): fix bad alignment - drm/amdgpu: set the right AMDGPU sg segment limitation {CVE-2024-56594} - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree {CVE-2024-56595} - jfs: fix array-index-out-of-bounds in jfs_readdir {CVE-2024-56596} - jfs: fix shift-out-of-bounds in dbSplit {CVE-2024-56597} - jfs: array-index-out-of-bounds fix in dtReadFirst {CVE-2024-56598} - wifi: ath5k: add PCI ID for Arcadyan devices - wifi: ath5k: add PCI ID for SX76X - net: inet6: do not leave a dangling sk pointer in inet6_create() {CVE-2024-40954} - net: inet: do not leave a dangling sk pointer in inet_create() {CVE-2024-40954} - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() {CVE-2024-40954} - net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-40954} - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() - af_packet: avoid erroring out after sock_init_data() in packet_create() {CVE-2024-40954} - net/sched: cbs: Fix integer overflow in cbs_set_port_rate() - net: ethernet: fs_enet: Use %pa to format resource_size_t - net: fec_mpc52xx_phy: Use %pa to format resource_size_t - samples/bpf: Fix a resource leak - drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() - drm/mcde: Enable module autoloading - drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model - media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 - media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera - s390/cpum_sf: Handle CPU hotplug remove during sampling {CVE-2024-57849} - mmc: core: Further prevent card detect during shutdown - regmap: detach regmap from dev on regmap_exit - dma-buf: fix dma_fence_array_signaled v4 - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again {CVE-2024-48881} - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() {CVE-2024-56619} - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts - scsi: qla2xxx: Fix NVMe and NPIV connect issue - ocfs2: update seq_file index in ocfs2_dlm_seq_next - tracing: Fix cmp_entries_dup() to respect sort() comparison rules - HID: wacom: fix when get product name maybe null pointer {CVE-2024-56629} - bpf: Fix exact match conditions in trie_get_next_key() - bpf: Handle BPF_EXIST and BPF_NOEXIST for LPM trie - ocfs2: free inode when ocfs2_get_init_inode() fails {CVE-2024-56630} - spi: mpc52xx: Add cancel_work_sync before module remove {CVE-2024-50051} - tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg {CVE-2024-56633} - drm/sti: Add __iomem for mixer_dbg_mxn's parameter - gpio: grgpio: Add NULL check in grgpio_probe {CVE-2024-56634} - gpio: grgpio: use a helper variable to store the address of ofdev->dev - crypto: x86/aegis128 - access 32-bit arguments as 32-bit - x86/asm: Reorder early variables - xen: Fix the issue of resource not being properly released in xenbus_dev_probe() - xen/xenbus: fix locking - xenbus/backend: Protect xenbus callback with lock - xenbus/backend: Add memory pressure handler callback - xen/xenbus: reference count registered modules - netfilter: nft_set_hash: skip duplicated elements pending gc run - netfilter: ipset: Hold module reference while requesting a module {CVE-2024-56637} - igb: Fix potential invalid memory access in igb_init_module() {CVE-2024-52332} - net/qed: allow old cards not supporting "num_images" to work - tipc: Fix use-after-free of kernel socket in cleanup_bearer(). {CVE-2024-56642} - tipc: add new AEAD key structure for user API - tipc: enable creating a "preliminary" node - tipc: add reference counter to bearer - dccp: Fix memory leak in dccp_feat_change_recv {CVE-2024-56643} - can: j1939: j1939_session_new(): fix skb reference counting {CVE-2024-56645} - net/sched: tbf: correct backlog statistic for GSO packets - netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650} - ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() {CVE-2024-53680} - can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics - can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL - watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() - iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call - drm/etnaviv: flush shader L1 cache after user commandstream - nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur {CVE-2024-56779} - nfsd: make sure exp active before svc_export_show {CVE-2024-56558} - dm thin: Add missing destroy_work_on_stack() - i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() - util_macros.h: fix/rework find_closest() macros - ad7780: fix division by zero in ad7780_write_raw() {CVE-2024-56567} - clk: qcom: gcc-qcs404: fix initial rate of GPLL3 - ftrace: Fix regression with module command in stack_trace_filter {CVE-2024-56569} - ovl: Filter invalid inodes with missing lookup function {CVE-2024-56570} - media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() - media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() - media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled - media: ts2020: fix null-ptr-deref in ts2020_probe() {CVE-2024-56574} - media: i2c: tc358743: Fix crash in the probe error path when using polling - btrfs: ref-verify: fix use-after-free after invalid ref action {CVE-2024-56581} - quota: flush quota_release_work upon quota writeback {CVE-2024-56780} - ASoC: fsl_micfil: fix the naming style for mask definition - sh: intc: Fix use-after-free bug in register_intc_controller() - sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport {CVE-2024-56688} - SUNRPC: Replace internal use of SOCKWQ_ASYNC_NOSPACE - SUNRPC: correct error code comment in xs_tcp_setup_socket() - modpost: remove incorrect code in do_eisa_entry() - rtc: ab-eoz9: don't fail temperature reads on undervoltage notification - 9p/xen: fix release of IRQ {CVE-2024-56704} - 9p/xen: fix init sequence - block: return unsigned int from bdev_io_min - jffs2: fix use of uninitialized variable - ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit - ubi: fastmap: Fix duplicate slab cache names while attaching {CVE-2024-53172} - ubifs: Correct the total block count by deducting journal reservation - rtc: check if __rtc_read_time was successful in rtc_timer_do_work() {CVE-2024-56739} - rtc: abx80x: Fix WDT bit position of the status register - rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() - NFSv4.0: Fix a use-after-free problem in the asynchronous open() - um: Always dump trace for specified task in show_stack - um: Clean up stacktrace dump - um: add show_stack_loglvl() - um/sysrq: remove needless variable sp - um: Fix the return value of elf_core_copy_task_fpregs - um: Fix potential integer overflow during physmem setup {CVE-2024-53145} - rpmsg: glink: Propagate TX failures in intentless mode as well - SUNRPC: make sure cache entry active before cache_show {CVE-2024-53174} - NFSD: Prevent a potential integer overflow {CVE-2024-53146} - lib: string_helpers: silence snprintf() output truncation warning - usb: dwc3: gadget: Fix checking for number of TRBs left - ALSA: hda/realtek: Apply quirk for Medion E15433 - ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max - ALSA: hda/realtek: Set PCBeep to default value for ALC274 - ALSA: hda/realtek: Update ALC225 depop procedure - media: wl128x: Fix atomicity violation in fmc_send_cmd() {CVE-2024-56700} - HID: wacom: Interpret tilt data from Intuos Pro BT as signed values - block: fix ordering between checking BLK_MQ_S_STOPPED request adding - arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled - sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK - um: vector: Do not use drvdata in release {CVE-2024-53181} - serial: 8250: omap: Move pm_runtime_get_sync - um: net: Do not use drvdata in release {CVE-2024-53183} - um: ubd: Do not use drvdata in release {CVE-2024-53184} - ubi: wl: Put source PEB into correct list if trying locking LEB failed - spi: Fix acpi deferred irq probe - netfilter: ipset: add missing range check in bitmap_ip_uadt {CVE-2024-53141} - Revert "serial: sh-sci: Clean sci_ports[0] after at earlycon exit" - serial: sh-sci: Clean sci_ports[0] after at earlycon exit - Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() - tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler - comedi: Flush partial mappings in error case {CVE-2024-53148} - PCI: Fix use-after-free of slot->bus on hot remove {CVE-2024-53194} - ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() - jfs: xattr: check invalid xattr size more strictly - ext4: fix FS_IOC_GETFSMAP handling - ext4: supress data-race warnings in ext4_free_inodes_{count,set}() - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices - soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() - usb: ehci-spear: fix call balance of sehci clk handling routines - apparmor: fix 'Do simple duplicate message elimination' - staging: greybus: uart: clean up TIOCGSERIAL - misc: apds990x: Fix missing pm_runtime_disable() - USB: chaoskey: Fix possible deadlock chaoskey_list_lock - USB: chaoskey: fail open after removal - usb: yurex: make waiting on yurex_write interruptible - usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() - ipmr: fix tables suspicious RCU usage - ipmr: convert /proc handlers to rcu_read_lock() - net: stmmac: dwmac-socfpga: Set RX watchdog interrupt as broken - marvell: pxa168_eth: fix call balance of pep->clk handling routines - net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration - tg3: Set coherent DMA mask bits to 31 for BCM57766 chipsets - net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device - power: supply: core: Remove might_sleep() from power_supply_put() - vfio/pci: Properly hide first-in-list PCIe extended capability {CVE-2024-53214} - NFSD: Fix nfsd4_shutdown_copy() - NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() - NFSD: Prevent NULL dereference in nfsd4_process_cb_update() - rpmsg: glink: use only lower 16-bits of param2 for CMD_OPEN name length - rpmsg: glink: Fix GLINK command prefix - rpmsg: glink: Send READ_NOTIFY command in FIFO full case - rpmsg: glink: Add TX_DATA_CONT command while sending - perf trace: Avoid garbage when not printing a syscall's arguments - perf trace: Do not lose last events in a race - m68k: coldfire/device.c: only build FEC when HW macros are defined - m68k: mcfgpio: Fix incorrect register offset for CONFIG_M5441x - PCI: cpqphp: Fix PCIBIOS_* return value confusion - PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads - perf probe: Correct demangled symbols in C++ program - perf cs-etm: Don't flush when packet_queue fills up - clk: clk-axi-clkgen: make sure to enable the AXI bus clock - clk: axi-clkgen: use devm_platform_ioremap_resource() short-hand - dt-bindings: clock: axi-clkgen: include AXI clk - dt-bindings: clock: adi,axi-clkgen: convert old binding to yaml format - fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() - fbdev/sh7760fb: Alloc DMA memory from hardware device - powerpc/sstep: make emulate_vsx_load and emulate_vsx_store static - ocfs2: fix uninitialized value in ocfs2_file_read_iter() - scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() - scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() - scsi: fusion: Remove unused variable 'rc' - scsi: bfa: Fix use-after-free in bfad_im_module_exit() - mfd: rt5033: Fix missing regmap_del_irq_chip() - mtd: rawnand: atmel: Fix possible memory leak - cpufreq: loongson2: Unregister platform_driver on failure - mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices {CVE-2024-56723} - mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device {CVE-2024-56724} - mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device {CVE-2024-56691} - mfd: intel_soc_pmic_bxtwc: Use dev_err_probe() - mfd: da9052-spi: Change read-mask to write-mask - mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race - trace/trace_event_perf: remove duplicate samples on the first tracepoint event - netpoll: Use rcu_access_pointer() in netpoll_poll_lock - ALSA: 6fire: Release resources at card release {CVE-2024-53239} - ALSA: caiaq: Use snd_card_free_when_closed() at disconnection {CVE-2024-56531} - ALSA: us122l: Use snd_card_free_when_closed() at disconnection {CVE-2024-56532} - net: rfkill: gpio: Add check for clk_enable() - selftests: net: really check for bg process completion - bpf, sockmap: Fix sk_msg_reset_curr - bpf, sockmap: Several fixes to bpf_msg_pop_data {CVE-2024-56720} - bpf, sockmap: Several fixes to bpf_msg_push_data - drm/etnaviv: hold GPU lock across perfmon sampling - drm/etnaviv: fix power register offset on GC300 - drm/etnaviv: dump: fix sparse warnings - drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() - drm/panfrost: Remove unused id_mask from struct panfrost_model - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() - bpf: Fix the xdp_adjust_tail sample prog issue - ASoC: fsl_micfil: fix regmap_write_bits usage - ASoC: fsl_micfil: use GENMASK to define register bit fields - ASoC: fsl_micfil: do not define SHIFT/MASK for single bits - ASoC: fsl_micfil: Drop unnecessary register read - dt-bindings: vendor-prefixes: Add NeoFidelity, Inc - drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() - wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() - wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() - drm/omap: Fix locking in omap_gem_new_dmabuf() - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() {CVE-2024-53156} - drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused - firmware: arm_scpi: Check the DVFS OPP count returned by the firmware {CVE-2024-53157} - regmap: irq: Set lockdep class for hierarchical IRQ domains - ARM: dts: cubieboard4: Fix DCDC5 regulator constraints - tpm: fix signed/unsigned bug when checking event logs - efi/tpm: Pass correct address to memblock_reserve - mmc: mmc_spi: drop buggy snprintf() - soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() - soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() - time: Fix references to _msecs_to_jiffies() handling of values - crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() - crypto: bcm - add error check in the ahash_hmac_init function {CVE-2024-56681} - crypto: cavium - Fix the if condition to exit loop after timeout - crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY - EDAC/fsl_ddr: Fix bad bit shift operations - EDAC/bluefield: Fix potential integer overflow {CVE-2024-53161} - firmware: google: Unregister driver_info on failure - firmware: google: Unregister driver_info on failure and exit in gsmi - hfsplus: don't query the device logical block size multiple times {CVE-2024-56548} - s390/syscalls: Avoid creation of arch/arch/ directory - acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() - m68k: mvme147: Reinstate early console - m68k: mvme16x: Add and use "mvme16x.h" - m68k: mvme147: Fix SCSI controller IRQ numbers - nvme-pci: fix freeing of the HMB descriptor table {CVE-2024-56756} - initramfs: avoid filename buffer overrun {CVE-2024-53142} - mips: asm: fix warning when disabling MIPS_FP_SUPPORT - x86/xen/pvh: Annotate indirect branch as safe - nvme: fix metadata handling in nvme-passthrough - cifs: Fix buffer overflow when parsing NFS reparse points {CVE-2024-49996} - ipmr: Fix access to mfc_cache_list without lock held - proc/softirqs: replace seq_printf with seq_put_decimal_ull_width - ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() - ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() - regulator: rk808: Add apply_bit for BUCK3 on RK809 - soc: qcom: Add check devm_kasprintf() returned value - net: usb: qmi_wwan: add Quectel RG650V - x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB - ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 - selftests/watchdog-test: Fix system accidentally reset after watchdog-test - mac80211: fix user-power when emulating chanctx - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet - kbuild: Use uname for LINUX_COMPILE_HOST detection - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint {CVE-2024-53130} - ocfs2: fix UBSAN warning in ocfs2_verify_volume() - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint {CVE-2024-53131} - KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN - ocfs2: uncache inode which has failed entering the group {CVE-2024-53112} - net/mlx5e: kTLS, Fix incorrect page refcounting {CVE-2024-53138} - net/mlx5: fs, lock FTE when checking if active {CVE-2024-53121} - netlink: terminate outstanding dump on socket close {CVE-2024-53140} - LTS tag: v5.4.286 - 9p: fix slab cache name creation for real - md/raid10: improve code of mrdev in raid10_sync_request - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition - fs: Fix uninitialized value issue in from_kuid and from_kgid {CVE-2024-53101} - powerpc/powernv: Free name on error in opal_event_init() - sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML - bpf: use kvzmalloc to allocate BPF verifier environment - HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad - 9p: Avoid creating multiple slab caches with the same name - ALSA: usb-audio: Add endianness annotations - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans {CVE-2024-50264} - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer {CVE-2024-53103} - ftrace: Fix possible use-after-free issue in ftrace_location() {CVE-2024-38588} - NFSD: Fix NFSv4's PUTPUBFH operation - ALSA: usb-audio: Add quirks for Dell WD19 dock - ALSA: usb-audio: Support jack detection on Dell dock - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() - irqchip/gic-v3: Force propagation of the active state with a read-back - USB: serial: option: add Quectel RG650V - USB: serial: option: add Fibocom FG132 0x0112 composition - USB: serial: qcserial: add support for Sierra Wireless EM86xx - USB: serial: io_edgeport: fix use after free in debug printk {CVE-2024-50267} - usb: musb: sunxi: Fix accessing an released usb phy {CVE-2024-50269} - fs/proc: fix compile warning about variable 'vmcore_mmap_ops' - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format - net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538} - spi: fix use-after-free of the add_lock mutex {CVE-2021-47195} - spi: Fix deadlock when adding SPI controllers on SPI buses {CVE-2021-47469} - mtd: rawnand: protect access to rawnand devices while in suspend - btrfs: reinitialize delayed ref list after deleting it from the list {CVE-2024-50273} - nfs: Fix KMSAN warning in decode_getfattr_attrs() {CVE-2024-53066} - dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow - dm cache: fix potential out-of-bounds access on the first resume {CVE-2024-50278} - dm cache: optimize dirty bit checking with find_next_bit when resizing - dm cache: fix out-of-bounds access to the dirty bitset when resizing {CVE-2024-50279} - dm cache: correct the number of origin blocks to match the target length - drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() - pwm: imx-tpm: Use correct MODULO value for EPWM mode - media: v4l2-tpg: prevent the risk of a division by zero {CVE-2024-50287} - media: cx24116: prevent overflows on SNR calculus {CVE-2024-50290} - media: s5p-jpeg: prevent buffer overflows {CVE-2024-53061} - ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() - media: adv7604: prevent underflow condition when reporting colorspace - media: dvb_frontend: don't play tricks with underflow values - media: dvbdev: prevent the risk of out of memory access {CVE-2024-53063} - media: stb0899_algo: initialize cfr before using it - net: hns3: fix kernel crash when uninstalling driver {CVE-2024-50296} - can: c_can: fix {rx,tx}_errors statistics - sctp: properly validate chunk size in sctp_sf_ootb() {CVE-2024-50299} - net: enetc: set MAC address to the VF net_device - enetc: simplify the return expression of enetc_vf_set_mac_addr() - security/keys: fix slab-out-of-bounds in key_task_permission - HID: core: zero-initialize the report buffer {CVE-2024-50302} - ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin - ARM: dts: rockchip: Fix the spi controller on rk3036 - ARM: dts: rockchip: drop grf reference from rk3036 hdmi - ARM: dts: rockchip: fix rk3036 acodec node - arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion - arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards - arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 - arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator - rds/ib: avoid scq/rcq polling during rds connection shutdown - RDMA/mlx5: Send UAR page index as ioctl attribute - RDMA: Pass entire uverbs attr bundle to create cq function - IB/uverbs: Enable CQ ioctl commands by default - tracing/kprobes: Skip symbol counting logic for module symbols in create_local_trace_kprobe() - RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey - Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" {CVE-2024-53127} - mm: revert "mm: shmem: fix data-race in shmem_getattr()" - net/ipv6: release expired exception dst cached in socket {CVE-2024-56644} - Revert "unicode: Don't special case ignorable code points" - powerpc/vdso: Flag VDSO64 entry points as functions - Revert "usb: gadget: composite: fix OS descriptors w_value logic" - rds: recv_payload_bad_checksum was not 0 after running rds-stress on UEK6 - rds: If RDS Checksums are enabled for RDMA RDS operations, the extension headers will overflow causing incorrect operation - rds: rds_message_alloc() needlessly zeroes m_used_sgs - rds: tracepoint in rds_receive_csum_err() prints pointless information - rds: rds_inc_init() should initialize the inc->i_conn_path field - rds: Race condition in adding RDS payload checksum extension header may result in RDS header corruption - md/raid10: fix task hung in raid10d - md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() - md/raid10: avoid deadlock on recovery. - arm64/cpu_errata: Spectre-BHB mitigation for AMPERE1 expects a loop of 11 iterations. - net/rds: report pending-messages count in RDS_INQ response - net/rds: Introduce RDS-INQ feature to RDS protocol - net/rds: Supporting SIOCOUTQ to read pending sends - mm/memory-failure: pass the folio and the page to collect_procs() - KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD - KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding - objtool: Default ignore INT3 for unreachable - x86/spec_ctrl: AMD AutoIBRS cannot be dynamically enabled or disabled - x86/msr: Add functions to set/clear the bit of an MSR on all cpus Important TuxCare License Agreement CVE-2025-21916 CVE-2022-49636 CVE-2025-21762 CVE-2025-21862 CVE-2025-21858 CVE-2025-21910 CVE-2025-21877 CVE-2025-21922 CVE-2025-21948 CVE-2024-58090 CVE-2024-57979 CVE-2024-57977 CVE-2025-21776 CVE-2025-21722 CVE-2025-21772 CVE-2025-21765 CVE-2025-21763 CVE-2025-21909 CVE-2025-21846 CVE-2025-21835 CVE-2025-21823 CVE-2025-21814 CVE-2025-21791 CVE-2025-21782 CVE-2024-58001 CVE-2025-21704 CVE-2025-21702 CVE-2025-21640 CVE-2024-58007 CVE-2025-21925 CVE-2025-21920 CVE-2025-21917 CVE-2025-21934 CVE-2025-21928 CVE-2025-21926 CVE-2025-21914 CVE-2025-21905 CVE-2025-21760 CVE-2025-21904 CVE-2025-21871 CVE-2025-21859 CVE-2025-21848 CVE-2025-21736 CVE-2025-21787 CVE-2025-21785 CVE-2025-21781 CVE-2025-21764 CVE-2025-21744 CVE-2025-21687 CVE-2024-26982 CVE-2024-50055 CVE-2025-21811 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables Important TuxCare License Agreement CVE-2025-32414 CVE-2025-32415 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices {CVE-2024-53197} - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd {CVE-2025-21969} - ext4: fix OOB read when checking dotdot dir {CVE-2025-37785} - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() {CVE-2025-21993} - vlan: enforce underlying device type {CVE-2025-21920} Important TuxCare License Agreement CVE-2024-53197 CVE-2025-21969 CVE-2025-37785 CVE-2025-21920 CVE-2025-21993 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-1217: fix handling of folded headers by the http stream parser - CVE-2025-1734: fix validation of http headers with missing colon - CVE-2025-1861: fix incorrect http redirect location truncation Moderate TuxCare License Agreement CVE-2025-1734 CVE-2025-1217 CVE-2025-1861 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2020-11023: sanitize HTML content passed to DOM manipulation methods to prevent execution of untrusted code Moderate TuxCare License Agreement CVE-2020-11023 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Upgrade openjdk-shenandoah-jdk8u-shenandoah-jdk8u452-b09. That fixes the following CVE: CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698 Important TuxCare License Agreement CVE-2025-30698 CVE-2025-21587 CVE-2025-30691 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-10041: fix possibility of leakage of secret information stored in memory - CVE-2024-22365: fix potential DoS via mkfifo because the openat call lacks O_DIRECTORY Moderate TuxCare License Agreement CVE-2024-10041 CVE-2024-22365 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-32728: fix logic error in DisableForwarding option Low TuxCare License Agreement CVE-2025-32728 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 {CVE-2025-21702} - xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014} - netfilter: validate user input for expected length {CVE-2024-35896} - nfs: fix UAF in direct writes {CVE-2024-26958} - Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982} - RDMA/srpt: Do not register event handler until srpt device is fully setup {CVE-2024-26872} Important TuxCare License Agreement CVE-2024-35896 CVE-2024-26958 CVE-2025-21702 CVE-2024-41014 CVE-2024-26982 CVE-2024-26872 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-27363: fix OOB write when parsing font subglyph structures Important TuxCare License Agreement CVE-2025-27363 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-32462: fix privilege escalation vulnerability by restricting unauthorized users from gaining elevated system privileges via the Sudo host option Important TuxCare License Agreement CVE-2025-32462 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-32906: fix out-of-bound read vulnerability - CVE-2025-32911: fix use-after-free vulnerability - CVE-2025-32913: fix NULL pointer dereference Critical TuxCare License Agreement CVE-2025-32913 CVE-2025-32906 CVE-2025-32911 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-48384: config: quote values containing CR character Important TuxCare License Agreement CVE-2024-32004 CVE-2021-40330 CVE-2023-23946 CVE-2022-39260 CVE-2025-48384 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-32050: fix overflow in append_param_quoted() - CVE-2025-32052: fix heap buffer overflow in soup_content_sniffer_sniff() - CVE-2025-32053: fix heap buffer overflow in sniff_feed_or_html() - CVE-2025-32907: soup-message-headers: correct merge of ranges - CVE-2025-46420: fix leak in soup_header_parse_quality_list() - CVE-2025-46421: strip authentication credentails on cross-origin redirect - CVE-2025-2784: fix heap buffer over-read when sniffing content via the skip_insight_whitespace() function Moderate TuxCare License Agreement CVE-2025-46421 CVE-2025-46420 CVE-2025-32052 CVE-2025-32050 CVE-2025-32053 CVE-2025-2784 CVE-2025-32907 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file Critical TuxCare License Agreement CVE-2025-49796 CVE-2025-49794 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-1220: error if host contains null bytes in the middle of the string Moderate TuxCare License Agreement CVE-2025-1220 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-1735: add error checking for pgsql extension escape functions, mainly to fix possible issues with multi-byte encoding of Postgres databases Important TuxCare License Agreement CVE-2025-1735 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u462-b08 (GA). That fixes following CVEs: - CVE-2025-30749: better Glyph drawing - CVE-2025-30754: enhance TLS protocol support - CVE-2025-30761: improve scripting supports - CVE-2025-50106: glyph out-of-memory access and crash Important TuxCare License Agreement CVE-2025-50106 CVE-2025-30761 CVE-2025-30754 CVE-2025-30749 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-6965: fix memory corruption issue caused by a query where the number of aggregate terms could exceed the number of columns available. Critical TuxCare License Agreement CVE-2025-6965 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-6491: fix buffer overflow vulnerability Moderate TuxCare License Agreement CVE-2025-6491 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-46901: fix mod_dav_svn denial-of-service via control characters in paths Moderate TuxCare License Agreement CVE-2024-46901 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-27613: fix issue where untrusted repositories could create and truncate files, with the fix implemented in versions 2.43.7 and later Moderate TuxCare License Agreement CVE-2025-27613 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - can: bcm: Fix UAF in bcm_proc_show() {CVE-2023-52922} - udmabuf: fix a buf size overflow issue during udmabuf creation {CVE-2025-37803} Important TuxCare License Agreement CVE-2023-52922 CVE-2025-37803 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-1736: fix incorrect validation of CRLF in http headers Important TuxCare License Agreement CVE-2025-1736 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2023-46846: fix Request/Response chunk smuggling in HTTP/1.1 and ICAP Moderate TuxCare License Agreement CVE-2023-46846 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-55549: fix use-after-free issue related to exclusion of result prefixes Important TuxCare License Agreement CVE-2025-24855 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-54574: fix heap buffer overflow in URN parsing Critical TuxCare License Agreement CVE-2025-54574 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2016-9840: fix undefined behavior in inftrees.c Important TuxCare License Agreement CVE-2016-9840 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-7425: fix heap-use-after-free in xmlFreeID caused by 'atype' corruption - CVE-2025-6021: fix integer overflows in buffer size calculations Important TuxCare License Agreement CVE-2025-7425 CVE-2025-6021 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-6020: fix potential privilege escalation in pam_namspace Important TuxCare License Agreement CVE-2025-6020 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2019-9169: fix heap-based buffer over-read in proceed_next_node in posix/regexec.c Critical TuxCare License Agreement CVE-2019-9169 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - x86/kvm: Disable kvmclock on all CPUs on shutdown {CVE-2021-47110} - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() {CVE-2025-38352} - cifs: fix double free race when mount fails in cifs_get_root() {CVE-2022-48919} - aio: mark AIO pseudo-fs noexec {CVE-2016-10044} - cifs: potential buffer overflow in handling symlinks {CVE-2022-49058} - NFSD: fix race between nfsd registration and exports_proc {CVE-2025-38232} - nfsd: register pernet ops last, unregister first {CVE-2025-38232} - net: atm: fix use after free in lec_send() {CVE-2025-22004} - net: atlantic: fix aq_vec index out of range error {CVE-2022-50066} - do_change_type(): refuse to operate on unmounted/not ours mounts {CVE-2025-38498} - net: atm: fix /proc/net/atm/lec handling {CVE-2025-38180} - net: atm: add lec_mutex {CVE-2025-38180} - SUNRPC: make sure cache entry active before cache_show {CVE-2024-53174} - scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() {CVE-2025-38399} - scsi: target: Fix crash during SPEC_I_PT handling {CVE-2025-38399} - mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race {CVE-2025-38085} - drivers:md:fix a potential use-after-free bug {CVE-2022-50022} - ext4: avoid resizing to a partial cluster size {CVE-2022-50020} - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() {CVE-2025-21928} - net/sched: Abort __tc_modify_qdisc if parent class does not exist {CVE-2025-38457} - misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() {CVE-2022-49788} - dlm: fix plock invalid read {CVE-2022-49407} - net: usb: smsc75xx: Limit packet length to skb->len {CVE-2023-53125} - scsi: libfc: Fix use after free in fc_exch_abts_resp() {CVE-2022-49114} - crypto: algif_hash - fix double free in hash_accept {CVE-2025-38079} - HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556} - HID: core: ensure the allocated report buffer can contain the reserved report ID {CVE-2025-38495} - ext4: Fix possible corruption when moving a directory {CVE-2023-53137} - ceph: avoid putting the realm twice when decoding snaps fails {CVE-2022-49770} - vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403} - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} - sch_hfsc: make hfsc_qlen_notify() idempotent {CVE-2025-38177} - ext4: check dot and dotdot of dx_root before making dir indexed {CVE-2024-42305} - ALSA: bcd2000: Fix a UAF bug on the error path of probing {CVE-2022-50229} - dm ioctl: prevent potential spectre v1 gadget {CVE-2022-49122} - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too {CVE-2025-37823} - md-raid10: fix KASAN warning {CVE-2022-50211} - scsi: lpfc: Use memcpy() for BIOS version {CVE-2025-38332} - ACPICA: Refuse to evaluate a method if arguments are missing {CVE-2025-38386} - media: cxusb: no longer judge rbuf when the write fails {CVE-2025-38229} - ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212} - ext4: fix off-by-one error in do_split {CVE-2025-23150} - perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init {CVE-2025-37878} - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() {CVE-2025-38000} - i40e: fix MMIO write access to an invalid page in i40e_clear_hw {CVE-2025-38200} Important TuxCare License Agreement CVE-2025-22004 CVE-2025-23150 CVE-2022-50022 CVE-2022-50020 CVE-2022-49788 CVE-2025-37878 CVE-2025-38332 CVE-2025-38232 CVE-2025-38556 CVE-2025-38498 CVE-2025-38495 CVE-2025-38494 CVE-2025-38457 CVE-2025-38403 CVE-2025-38399 CVE-2025-38386 CVE-2025-38229 CVE-2025-38212 CVE-2025-38200 CVE-2025-38180 CVE-2025-38085 CVE-2025-38079 CVE-2025-38177 CVE-2025-38000 CVE-2025-21928 CVE-2025-37823 CVE-2024-53174 CVE-2024-42305 CVE-2023-53137 CVE-2023-53125 CVE-2022-50229 CVE-2022-50211 CVE-2022-49770 CVE-2022-49407 CVE-2022-49122 CVE-2022-49114 CVE-2022-49058 CVE-2022-48919 CVE-2021-47110 CVE-2016-10044 CVE-2025-38352 CVE-2022-50066 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2024-21803} - net: defer final 'struct net' free in netns dismantle {CVE-2024-56658} - netfilter: validate user input for expected length {CVE-2024-35896} - drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' {CVE-2024-56608} - smb: client: fix UAF in async decryption {CVE-2024-50047} - drm/amdgpu: fix usage slab after free {CVE-2024-56551} - nvme: avoid double free special payload {CVE-2024-41073} - xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014} - net/sched: act_mirred: don't override retval if we already lost the skb {CVE-2024-26739} - ext4: fix timer use-after-free on failed mount {CVE-2024-49960} - smb: client: fix potential UAF in cifs_stats_proc_show() {CVE-2024-35867} - smb: client: fix potential UAF in cifs_debug_files_proc_show() {CVE-2024-26928} - RDMA/mlx5: Fix fortify source warning while accessing Eth segment {CVE-2024-26907} - stddef: Introduce DECLARE_FLEX_ARRAY() helper - nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() {CVE-2025-21927} - net_sched: sch_sfq: move the limit validation {CVE-2024-57996} - net_sched: sch_sfq: use a temporary work area for validating configuration - net_sched: sch_sfq: don't allow 1 packet limit {CVE-2024-57996} - net_sched: sch_sfq: handle bigger packets - net_sched: sch_sfq: annotate data-races around q->perturb_period - squashfs: fix memory leak in squashfs_fill_super - netfilter: nf_tables: adjust lockdep assertions handling - Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" - ASoC: ops: dynamically allocate struct snd_ctl_elem_value - KVM: x86: use array_index_nospec with indices that come from guest - KVM: APIC: add helper func to remove duplicate code in kvm_pv_send_ipi - rds: Fix NULL ptr deref in xas_start - mm: make page_mapped_in_vma() hugetlb walk aware - mm/rmap: Fix handling of hugetlbfs pages in page_vma_mapped_walk - net_sched: sch_sfq: move the limit validation {CVE-2025-37752} - net_sched: sch_sfq: use a temporary work area for validating configuration - net_sched: sch_sfq: don't allow 1 packet limit {CVE-2024-57996} - net_sched: sch_sfq: handle bigger packets - net_sched: sch_sfq: annotate data-races around q->perturb_period - squashfs: fix memory leak in squashfs_fill_super - netfilter: nf_tables: adjust lockdep assertions handling - Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" - ASoC: ops: dynamically allocate struct snd_ctl_elem_value - KVM: x86: use array_index_nospec with indices that come from guest - KVM: APIC: add helper func to remove duplicate code in kvm_pv_send_ipi - rds: Fix NULL ptr deref in xas_start - mm: make page_mapped_in_vma() hugetlb walk aware - mm/rmap: Fix handling of hugetlbfs pages in page_vma_mapped_walk Important TuxCare License Agreement CVE-2024-26907 CVE-2024-56551 CVE-2024-41073 CVE-2024-26928 CVE-2024-35896 CVE-2024-41014 CVE-2025-37752 CVE-2024-21803 CVE-2024-56658 CVE-2024-50047 CVE-2024-56608 CVE-2024-26739 CVE-2024-49960 CVE-2024-35867 CVE-2025-21927 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2017-9224: fix out-of-bounds read of a stack in match_at function - CVE-2017-9226: fix out-of-bounds write or read of a heap in next_state_val function - CVE-2017-9227: fix out-of-bounds read of a stack in mbc_enc_len function Critical TuxCare License Agreement CVE-2017-9227 CVE-2017-9226 CVE-2017-9224 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - rds: tcp: block BH in TCP callbacks - kexec: Improve & fix crash_exclude_mem_range() to handle overlapping ranges - module: correctly exit module_kallsyms_on_each_symbol when fn() != 0 - module: potential uninitialized return in module_kallsyms_on_each_symbol() - module: use RCU to synchronize find_module - kallsyms: refactor {,module_}kallsyms_on_each_symbol - LTS tag: v5.4.295 - scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops - arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() {CVE-2025-38320} - perf: Fix sample vs do_exit() {CVE-2025-38424} - s390/pci: Fix __pcilg_mio_inuser() inline assembly - rtc: test: Fix invalid format specifier. - jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() {CVE-2025-38337} - mm/huge_memory: fix dereferencing invalid pmd migration entry {CVE-2025-37958} - rtc: Make rtc_time64_to_tm() support dates before 1970 - rtc: Improve performance of rtc_time64_to_tm(). Add tests. - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create {CVE-2022-48773} - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() {CVE-2025-38352} - ARM: dts: am335x-bone-common: Increase MDIO reset deassert delay to 50ms - ARM: dts: am335x-bone-common: Increase MDIO reset deassert time - ARM: dts: am335x-bone-common: Add GPIO PHY reset on revision C3 board - net: atm: fix /proc/net/atm/lec handling {CVE-2025-38180} - net: atm: add lec_mutex {CVE-2025-38323} - calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). {CVE-2025-38181} - tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer {CVE-2025-38184} - tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior - atm: atmtcp: Free invalid length skb in atmtcp_c_send(). {CVE-2025-38185} - mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu(). {CVE-2025-38324} - wifi: carl9170: do not ping device which has failed to load firmware {CVE-2025-38420} - aoe: clean device rq_list in aoedev_downdev() {CVE-2025-38326} - hwmon: (occ) fix unaligned accesses - drm/nouveau/bl: increase buffer size to avoid truncate warning - erofs: remove unused trace event erofs_destroy_inode - ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged - ALSA: hda/intel: Add Thinkpad E15 to PM deny list - Input: sparcspkr - avoid unannotated fall-through - HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() {CVE-2025-38103} - atm: Revert atm_account_tx() if copy_from_iter_full() fails. {CVE-2025-38190} - selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len - scsi: s390: zfcp: Ensure synchronous unit_add - scsi: storvsc: Increase the timeouts to storvsc_timeout - jffs2: check jffs2_prealloc_raw_node_refs() result in few other places {CVE-2025-38328} - jffs2: check that raw node were preallocated before writing summary {CVE-2025-38194} - drivers/rapidio/rio_cm.c: prevent possible heap overwrite {CVE-2025-38090} - powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery - platform/x86: dell_rbu: Stop overwriting data buffer - platform: Add Surface platform directory - Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" - tee: Prevent size calculation wraparound on 32-bit kernels - ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY - bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value - watchdog: da9052_wdt: respect TWDMIN - i40e: fix MMIO write access to an invalid page in i40e_clear_hw {CVE-2025-38200} - sock: Correct error checking condition for (assign|release)_proto_idx() - scsi: lpfc: Use memcpy() for BIOS version {CVE-2025-38332} - vxlan: Do not treat dst cache initialization errors as fatal - clk: rockchip: rk3036: mark ddrphy as critical - wifi: mac80211: do not offer a mesh path if forwarding is disabled - net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info - pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() - pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() - pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() - pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() - ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT - tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows - tcp: always seek for minimal rtt in tcp_rcv_rtt_update() - net: dlink: add synchronization for stats update - sctp: Do not wake readers in __sctp_write_space() - emulex/benet: correct command version selection in be_cmd_get_stats() - i2c: designware: Invoke runtime suspend on quick slave re-registration - net: macb: Check return value of dma_set_mask_and_coherent() - cpufreq: Force sync policy boost with global boost on sysfs update - nios2: force update_mmu_cache on spurious tlb-permission--related pagefaults - media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() {CVE-2025-38237} - media: tc358743: ignore video while HPD is low - drm/amdkfd: Set SDMA_RLCx_IB_CNTL/SWITCH_INSIDE_IB - jfs: Fix null-ptr-deref in jfs_ioc_trim {CVE-2025-38203} - drm/amdgpu/gfx9: fix CSIB handling - drm/amdgpu/gfx8: fix CSIB handling - jfs: fix array-index-out-of-bounds read in add_missing_indices {CVE-2025-38204} - drm/amdgpu/gfx7: fix CSIB handling - drm/amdgpu/gfx10: fix CSIB handling - drm/msm/a6xx: Increase HFI response timeout - drm/amd/display: Add NULL pointer checks in dm_force_atomic_commit() - media: uapi: v4l: Fix V4L2_TYPE_IS_OUTPUT condition - drm/msm/hdmi: add runtime PM calls to DDC transfer function - drm/bridge: analogix_dp: Add irq flag IRQF_NO_AUTOEN instead of calling disable_irq() - sunrpc: update nextcheck time when adding new cache entries - drm/amdgpu/gfx6: fix CSIB handling - ACPI: battery: negate current when discharging - PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() - power: supply: bq27xxx: Retrieve again when busy - ACPICA: fix acpi parse and parseext cache leaks {CVE-2025-38344} - ACPICA: Avoid sequence overread in call to strncmp() - ACPICA: fix acpi operand cache leak in dswstate.c {CVE-2025-38345} - iio: adc: ad7606_spi: fix reg write value mask - PCI: Fix lock symmetry in pci_slot_unlock() - PCI: Add ACS quirk for Loongson PCIe - uio_hv_generic: Use correct size for interrupt and monitor pages - regulator: max14577: Add error check for max14577_read_reg() - mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS - staging: iio: ad5933: Correct settling cycles encoding per datasheet - net: ch9200: fix uninitialised access during mii_nway_restart {CVE-2025-38086} - ftrace: Fix UAF when lookup kallsym after ftrace disabled {CVE-2025-38346} - dm-mirror: fix a tiny race condition - mtd: nand: sunxi: Add randomizer configuration before randomizer enable - mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk - mm: fix ratelimit_pages update error in dirty_ratio_handler() - ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212} - parisc: fix building with gcc-15 - vgacon: Add check for vc_origin address range in vgacon_scroll() {CVE-2025-38213} - fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var {CVE-2025-38214} - EDAC/altera: Use correct write width with the INTTEST register - NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416} - f2fs: prevent kernel warning due to negative i_nlink from corrupted image {CVE-2025-38219} - Input: ims-pcu - check record size in ims_pcu_flash_firmware() {CVE-2025-38428} - ext4: fix calculation of credits for extent tree modification - ext4: inline: fix len overflow in ext4_prepare_inline_data {CVE-2025-38222} - bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device - ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 {CVE-2025-38336} - ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap() - media: v4l2-dev: fix error handling in __video_register_device() - media: gspca: Add error handling for stv06xx_read_sensor() - wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 - nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request {CVE-2025-38430} - wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() {CVE-2025-38348} - gfs2: move msleep to sleepable context - configfs: Do not override creating attribute file failure in populate_attrs() - net: usb: aqc111: debug info before sanitation - calipso: unlock rcu before returning -EAFNOSUPPORT - xen/arm: call uaccess_ttbr0_enable for dm_op hypercall - usb: Flush altsetting 0 endpoints before reinitializating them after reset. - fs/filesystems: Fix potential unsigned integer underflow in fs_name() - net/mdiobus: Fix potential out-of-bounds read/write access {CVE-2025-38111} - drm/amd/display: Do not add '-mhard-float' to dcn2{1,0}_resource.o for clang - drm/amd/display: Do not add '-mhard-float' to dml_ccflags for clang - MIPS: Move '-Wa,-msoft-float' check from as-option to cc-option - x86/boot/compressed: prefer cc-option for CFLAGS additions - net: mdio: C22 is now optional, EOPNOTSUPP if not provided - net_sched: tbf: fix a race in tbf_change() - net_sched: red: fix a race in __red_change() {CVE-2025-38108} - net_sched: prio: fix a race in prio_tune() {CVE-2025-38083} - net/mlx5: Fix return value when searching for existing flow group - net/mlx5: Wait for inactive autogroups - i40e: retry VFLR handling if there is ongoing VF reset - i40e: return false from i40e_reset_vf if reset is in progress - net_sched: sch_sfq: fix a potential crash on gso_skb handling {CVE-2025-38115} - scsi: iscsi: Fix incorrect error path labels for flashnode operations - NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes {CVE-2022-48829} - NFSD: Fix ia_size underflow {CVE-2022-48828} - Input: synaptics-rmi - fix crash with unsupported versions of F34 - Input: synaptics-rmi4 - convert to use sysfs_emit() APIs - pmdomain: core: Fix error checking in genpd_dev_pm_attach_by_id() - do_change_type(): refuse to operate on unmounted/not ours mounts {CVE-2025-38498} - ice: create new Tx scheduler nodes for new queues only - Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION - net/mlx4_en: Prevent potential integer overflow calculating Hz - vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() - serial: Fix potential null-ptr-deref in mlb_usio_probe() {CVE-2025-38135} - usb: renesas_usbhs: Reorder clock handling and power management in probe {CVE-2025-38136} - rtc: Fix offset calculation for .start_secs < 0 - rtc: sh: assign correct interrupts with DT - perf record: Fix incorrect --user-regs comments - perf tests switch-tracking: Fix timestamp comparison - mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE - mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() - rpmsg: qcom_smd: Fix uninitialized return variable in __qcom_smd_send() - perf scripts python: exported-sql-viewer.py: Fix pattern matching with Python 3 - perf ui browser hists: Set actions->thread before calling do_zoom_thread() - fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() {CVE-2025-38312} - soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() {CVE-2025-38145} - soc: aspeed: lpc: Fix impossible judgment condition - arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou - ARM: dts: qcom: apq8064 merge hw splinlock into corresponding syscon device - bus: fsl-mc: fix double-free on mc_dev {CVE-2025-38313} - nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() - nilfs2: add pointer check for nilfs_direct_propagate() - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415} - ARM: dts: at91: at91sam9263: fix NAND chip selects - ARM: dts: at91: usb_a9263: fix GPIO for Dataflash chip select - f2fs: fix to correct check conditions in f2fs_cross_rename - f2fs: use d_inode(dentry) cleanup dentry->d_inode - calipso: Don't call calipso functions for AF_INET sk. {CVE-2025-38147} - net: lan743x: rename lan743x_reset_phy to lan743x_hw_reset_phy - net: usb: aqc111: fix error handling of usbnet read calls {CVE-2025-38153} - netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} - bpf: Fix WARN() in get_bpf_raw_tp_regs {CVE-2025-38285} - pinctrl: at91: Fix possible out-of-boundary access {CVE-2025-38286} - ktls, sockmap: Fix missing uncharge operation - netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it - f2fs: clean up w/ fscrypt_is_bounce_page() - RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h - wifi: rtw88: do not ignore hardware read error during DPK - net: ncsi: Fix GCPS 64-bit member variables - f2fs: fix to do sanity check on sbi->total_valid_block_count {CVE-2025-38163} - drm/tegra: rgb: Fix the unbound reference count - drm/vkms: Adjust vkms_state->active_planes allocation type - drm: rcar-du: Fix memory leak in rcar_du_vsps_init() - selftests/seccomp: fix syscall_restart test for arm compat - firmware: psci: Fix refcount leak in psci_dt_init - m68k: mac: Fix macintosh_config for Mac II - drm/vmwgfx: Add seqno waiter for sync_files - spi: sh-msiof: Fix maximum DMA transfer size - ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" - x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges() - PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() - EDAC/skx_common: Fix general protection fault {CVE-2025-38298} - crypto: marvell/cesa - Avoid empty transfer descriptor - crypto: marvell/cesa - Handle zero-length skcipher requests {CVE-2025-38173} - x86/cpu: Sanitize CPUID(0x80000000) output - perf/core: Fix broken throttling when max_samples_per_tick=1 - gfs2: gfs2_create_inode error handling fix - netfilter: nft_socket: fix sk refcount leaks {CVE-2024-46855} - thunderbolt: Do not double dequeue a configuration request {CVE-2025-38174} - usb: usbtmc: Fix timeout value in get_stb - usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device - usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE - pinctrl: armada-37xx: set GPIO output value before setting direction - pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 - net/mlx5: Add poll-eq API to be used by ULP's - net/rds: poll eq during user-reset - perf: Fix perf_event_validate_size() lockdep splat {CVE-2023-6931} - perf: Fix perf_event_validate_size() {CVE-2023-6931} - net/mlx5: set graceful_period to 0 to allow multiple transmission queue recovery - pwm: mediatek: Ensure to disable clocks in error path - Revert "mmc: sdhci: Disable SD card clock before changing parameters" - net/sched: Always pass notifications when child class becomes empty {CVE-2025-38350} - x86/bpf: Classic BPF program can fail when BHB barrier is used - Add Zen34 clients {CVE-2024-36350} - x86/process: Move the buffer clearing before MONITOR {CVE-2024-36350} - KVM: SVM: Advertize TSA CPUID bits to guests {CVE-2024-36350} - x86/bugs: Add a Transient Scheduler Attacks mitigation {CVE-2024-36350} - KVM: x86: add support for CPUID leaf 0x80000021 {CVE-2024-36350} - x86/bugs: Rename MDS machinery to something more generic {CVE-2024-36350} - x86/CPU/AMD: Add ZenX generations flags {CVE-2024-36350} - x86/bugs: Free X86_BUG_AMD_APIC_C1E and X86_BUG_AMD_E400 bits {CVE-2024-36350} - Revert "x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2" on v6.6 and older - tracing: Fix compilation warning on arm32 - PM: sleep: Fix power.is_suspended cleanup for direct-complete devices - LTS tag: v5.4.294 - platform/x86: thinkpad_acpi: Ignore battery threshold change event notification - platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys - spi: spi-sun4i: fix early activation - um: let 'make clean' properly clean underlying SUBARCH as well - platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS - nfs: don't share pNFS DS connections between net namespaces - HID: quirks: Add ADATA XPG alpha wireless mouse support - coredump: hand a pidfd to the usermode coredump helper - fork: use pidfd_prepare() - pid: add pidfd_prepare() - pidfd: check pid has attached task in fdinfo - coredump: fix error handling for replace_fd() - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice {CVE-2025-38001} - smb: client: Reset all search buffer pointers when releasing buffer - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} - drm/i915/gvt: fix unterminated-string-initialization warning - netfilter: nf_tables: do not defer rule destruction via call_rcu {CVE-2024-56655} - netfilter: nf_tables: wait for rcu grace period on net_device removal {CVE-2024-56655} - netfilter: nf_tables: pass nft_chain to destroy function, not nft_ctx - kbuild: Disable -Wdefault-const-init-unsafe - spi: spi-fsl-dspi: restrict register range for regmap access - mm/page_alloc.c: avoid infinite retries caused by cpuset race - drm/edid: fixed the bug that hdr metadata was not reset - llc: fix data loss when reading from a socket in llc_ui_recvmsg() - ALSA: pcm: Fix race of buffer access at PCM OSS layer {CVE-2025-38078} - can: bcm: add missing rcu read protection for procfs content {CVE-2025-38003} - can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004} - crypto: algif_hash - fix double free in hash_accept {CVE-2025-38079} - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() {CVE-2025-38000} - net: dwmac-sun8i: Use parsed internal PHY address instead of 1 - bridge: netfilter: Fix forwarding of fragmented packets - xfrm: Sanitize marks before insert - __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock {CVE-2025-38058} - xenbus: Allow PVH dom0 a non-local xenstore - btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref {CVE-2025-38034} - nvmet-tcp: don't restore null sk_state_change {CVE-2025-38035} - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 - pinctrl: meson: define the pull up/down resistor value as 60 kOhm - drm: Add valid clones check - drm/atomic: clarify the rules around drm_atomic_state->allow_modeset - regulator: ad5398: Add device tree support - wifi: rtw88: Don't use static local variable in rtw8822b_set_tx_power_index_by_rate - bpftool: Fix readlink usage in get_fd_type - HID: usbkbd: Fix the bit shift number for LED_KANA - scsi: st: Restore some drive settings after reset - scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine - rcu: fix header guard for rcu_all_qs() - rcu: handle quiescent states for PREEMPT_RCU=n, PREEMPT_COUNT=y - vxlan: Annotate FDB data races {CVE-2025-38037} - hwmon: (xgene-hwmon) use appropriate type for the latency value - ip: fib_rules: Fetch net from fib_rule in fib[46]_rule_configure(). - net/mlx5e: reduce rep rxq depth to 256 for ECPF - net/mlx5e: set the tx_queue_len for pfifo_fast - net/mlx5: Extend Ethtool loopback selftest to support non-linear SKB - phy: core: don't require set_mode() callback for phy_get_mode() to work - net/mlx4_core: Avoid impossible mlx4_db_alloc() order value - smack: recognize ipv4 CIPSO w/o categories - pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map - ASoC: ops: Enforce platform maximum on initial value - net/mlx5: Apply rate-limiting to high temperature warning - net/mlx5: Modify LSB bitmask in temperature event to include only the first bit - ACPI: HED: Always initialize before evged - PCI: Fix old_size lower bound in calculate_iosize() too - EDAC/ie31200: work around false positive build warning - net: pktgen: fix access outside of user given buffer in pktgen_thread_write() {CVE-2025-38061} - wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU - scsi: mpt3sas: Send a diag reset if target reset fails - MIPS: pm-cps: Use per-CPU variables as per-CPU, not per-core - MIPS: Use arch specific syscall name match function - cpuidle: menu: Avoid discarding useful information - x86/nmi: Add an emergency handler in nmi_desc & use it in nmi_shootdown_cpus() - bonding: report duplicate MAC address in all situations - net: xgene-v2: remove incorrect ACPI_PTR annotation - drm/amdkfd: KFD release_work possible circular locking - net/mlx5: Avoid report two health errors on same syndrome - fpga: altera-cvp: Increase credit timeout - drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence - hwmon: (gpio-fan) Add missing mutex locks - x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2 - net: pktgen: fix mpls maximum labels list parsing - pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" - media: cx231xx: set device_caps for 417 {CVE-2025-38044} - orangefs: Do not truncate file size {CVE-2025-38065} - dm cache: prevent BUG_ON by blocking retries on failed device resumes {CVE-2025-38066} - media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() - ARM: tegra: Switch DSI-B clock parent to PLLD on Tegra114 - ieee802154: ca8210: Use proper setters and getters for bitwise types - rtc: ds1307: stop disabling alarms on probe - powerpc/prom_init: Fixup missing #size-cells on PowerBook6,7 - mmc: sdhci: Disable SD card clock before changing parameters - netfilter: conntrack: Bound nf_conntrack sysctl writes - posix-timers: Add cond_resched() to posix_timer_add() search loop - xen: Add support for XenServer 6.1 platform device {CVE-2025-38046} - dm: restrict dm device size to 2^63-512 bytes - kbuild: fix argument parsing in scripts/config - scsi: st: ERASE does not change tape location - scsi: st: Tighten the page format heuristics with MODE SELECT - ext4: reorder capability check last - um: Update min_low_pfn to match changes in uml_reserved - um: Store full CSGSFS and SS register from mcontext - btrfs: send: return -ENAMETOOLONG when attempting a path that is too long - btrfs: avoid linker error in btrfs_find_create_tree_block() - i2c: pxa: fix call balance of i2c->clk handling routines - mmc: host: Wait for Vdd to settle on card power off - libnvdimm/labels: Fix divide error in nd_label_data_init() {CVE-2025-38072} - pNFS/flexfiles: Report ENETDOWN as a connection error - tools/build: Don't pass test log files to linker - dql: Fix dql->limit value when reset. - SUNRPC: rpc_clnt_set_transport() must not change the autobind setting - NFSv4: Treat ENETUNREACH errors as fatal for state recovery - fbdev: core: tileblit: Implement missing margin clearing for tileblit - fbdev: fsl-diu-fb: add missing device_remove_file() - mailbox: use error ret code of of_parse_phandle_with_args() - kconfig: merge_config: use an empty file as initfile - cgroup: Fix compilation issue due to cgroup_mutex not being exported - dma-mapping: avoid potential unused data compilation warning - scsi: target: iscsi: Fix timeout on deleted connection {CVE-2025-38075} - openvswitch: Fix unsafe attribute parsing in output_userspace() {CVE-2025-37998} - Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 - Input: synaptics - enable SMBus for HP Elitebook 850 G1 - clocksource/i8253: Use raw_spinlock_irqsave() in clockevent_i8253_disable() - phy: renesas: rcar-gen3-usb2: Set timing registers only once - phy: Fix error handling in tegra_xusb_port_init - ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() - NFSv4/pnfs: Reset the layout state after a layoutreturn - NFSv4/pnfs: pnfs_set_layout_stateid() should update the layout cred - qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd() - ALSA: sh: SND_AICA should depend on SH_DMA_API - net: dsa: sja1105: discard incoming frames in BR_STATE_LISTENING - spi: loopback-test: Do not split 1024-byte hexdumps - nfs: handle failure of nfs_get_lock_context in unlock path {CVE-2025-38023} - RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug {CVE-2025-38024} - iio: chemical: sps30: use aligned_s64 for timestamp - iio: adc: ad7768-1: Fix insufficient alignment of timestamp. - staging: axis-fifo: Correct handling of tx_fifo_depth for size validation - staging: axis-fifo: avoid parsing ignored device tree properties - staging: axis-fifo: Remove hardware resets for user errors - staging: axis-fifo: replace spinlock with mutex - platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection - do_umount(): add missing barrier before refcount checks in sync case - MIPS: Fix MAX_REG_OFFSET - iio: adc: dln2: Use aligned_s64 for timestamp - types: Complement the aligned types with signed 64-bit one - usb: usbtmc: Fix erroneous generic_read ioctl return - usb: usbtmc: Fix erroneous wait_srq ioctl return - usb: usbtmc: Fix erroneous get_stb ioctl error returns - USB: usbtmc: use interruptible sleep in usbtmc_read - usb: typec: ucsi: displayport: Fix NULL pointer access {CVE-2025-37994} - usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition - ocfs2: stop quota recovery before disabling quotas - ocfs2: implement handshaking with ocfs2 recovery thread - ocfs2: switch osb->disable_recovery to enum - module: ensure that kobject_put() is safe for module type kobjects {CVE-2025-37995} - xenbus: Use kref to track req lifetime {CVE-2025-37949} - usb: uhci-platform: Make the clock really optional - iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo {CVE-2025-37969} - iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo {CVE-2025-37970} - iio: adis16201: Correct inclinometer channel resolution - iio: adc: ad7606: fix serial register access - staging: iio: adc: ad7816: Correct conditional logic for store mode - Input: synaptics - enable InterTouch on Dell Precision M3800 - Input: synaptics - enable InterTouch on Dynabook Portege X30L-G - Input: synaptics - enable InterTouch on Dynabook Portege X30-D - net: dsa: b53: fix learning on VLAN unaware bridges - netfilter: ipset: fix region locking in hash types {CVE-2025-37997} - sch_htb: make htb_deactivate() idempotent {CVE-2025-37953} - dm: fix copying after src array boundaries {CVE-2025-37902} - iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid {CVE-2025-37927} - arm64: dts: rockchip: fix iface clock-name on px30 iommus - usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling - usb: chipidea: ci_hdrc_imx: use dev_err_probe() - usb: chipidea: imx: refine the error handling for hsic - usb: chipidea: imx: change hsic power regulator as optional - irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() {CVE-2025-37819} - irqchip/gic-v2m: Mark a few functions __init - irqchip/gic-v2m: Add const to of_device_id - sch_htb: make htb_qlen_notify() idempotent {CVE-2025-37953} - of: module: add buffer overflow check in of_modalias() {CVE-2024-38541} - PCI: imx6: Skip controller_id generation logic for i.MX7D - net: fec: ERR007885 Workaround for conventional TX - net: lan743x: Fix memleak issue when GSO enabled {CVE-2025-37909} - lan743x: fix endianness when accessing descriptors - lan743x: remove redundant initialization of variable current_head_index - nvme-tcp: fix premature queue removal and I/O failover - net: dlink: Correct endianness handling of led_mode - net_sched: qfq: Fix double list add in class with netem as child qdisc {CVE-2025-37913} - net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc {CVE-2025-37890} - net_sched: drr: Fix double list add in class with netem as child qdisc {CVE-2025-37915} - net/mlx5: E-Switch, Initialize MAC Address for Default GID - tracing: Fix oob write in trace_seq_to_buffer() {CVE-2025-37923} - dm: always update the array size in realloc_argv on success {CVE-2025-37902} - dm-integrity: fix a warning on invalid table line - wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() {CVE-2025-37990} - amd-xgbe: Fix to ensure dependent features are toggled with RX checksum offload - parisc: Fix double SIGFPE crash {CVE-2025-37991} - i2c: imx-lpi2c: Fix clock count when probe defers - EDAC/altera: Set DDR and SDMMC interrupt mask before registration - EDAC/altera: Test the correct error reg offset - scsi: qedf: Wait for stag work during unload - scsi: qedf: Don't process stag work during unload and recovery - rds: ib: Add cm_id generation scheme in order to detect new ones - x86/its: BPF can crash in bpf_jit_comp.c when ITS is enabled - shmem: add support to ignore swap - shmem: update documentation - mm: hold the source mmap write lock when copying PTEs - mm: do not write protect COW mappings when preserving across exec - mm: differentiate copying PTEs for preservation from copying for fork - mm/fork: Pass new vma pointer into copy_page_range() - xen/swiotlb: relax alignment requirements - Reapply "xen/swiotlb: add alignment check for dma buffers" - dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" - nvme: unblock ctrl state transition for firmware update - memcg: always call cond_resched() after fn() - ACPI: PPTT: Fix processor subtable walk - LTS tag: v5.4.293 - MIPS: cm: Fix warning if MIPS_CM is disabled - crypto: atmel-sha204a - Set hwrng quality to lowest possible - comedi: jr3_pci: Fix synchronous deletion of timer - md/raid1: Add check for missing source disk in process_checks() - scsi: pm80xx: Set phy_attached to zero when device is gone - ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls - selftests: ublk: fix test_stripe_04 - udmabuf: fix a buf size overflow issue during udmabuf creation {CVE-2025-37803} - KVM: s390: Don't use %pK through tracepoints - sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP - ntb: reduce stack usage in idt_scan_mws - qibfs: fix _another_ leak {CVE-2025-37983} - usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() {CVE-2025-37881} - dmaengine: dmatest: Fix dmatest waiting less when interrupted - usb: host: max3421-hcd: Add missing spi_device_id table - parisc: PDT: Fix missing prototype warning - clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec() - crypto: null - Use spin lock instead of mutex {CVE-2025-37808} - MIPS: cm: Detect CM quirks from device tree - USB: VLI disk crashes if LPM is used - usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive - usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive - usb: dwc3: gadget: check that event count does not exceed event buffer length {CVE-2025-37810} - USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) - usb: cdns3: Fix deadlock when using NCM gadget {CVE-2025-37812} - USB: serial: simple: add OWON HDS200 series oscilloscope support - USB: serial: option: add Sierra Wireless EM9291 - USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe - serial: sifive: lock port in startup()/shutdown() callbacks - USB: storage: quirk for ADATA Portable HDD CH94 - mcb: fix a double free bug in chameleon_parse_gdd() {CVE-2025-37817} - virtio_console: fix missing byte order handling for cols and rows - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too {CVE-2025-37823} - net_sched: hfsc: Fix a UAF vulnerability in class handling {CVE-2025-37797} - tipc: fix NULL pointer dereference in tipc_mon_reinit_self() {CVE-2025-37824} - net: phy: leds: fix memory leak {CVE-2025-37989} - cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() {CVE-2025-37829} - drm/amd/pm: Prevent division by zero {CVE-2025-37766} - misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error - misc: pci_endpoint_test: Use INTX instead of LEGACY - PCI: Rename PCI_IRQ_LEGACY to PCI_IRQ_INTX - iio: adc: ad7768-1: Fix conversion result sign - iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check - net: dsa: mv88e6xxx: fix VTU methods for 6320 family - media: vim2m: print device name after registering device - ext4: fix OOB read when checking dotdot dir {CVE-2025-37785} - ext4: optimize __ext4_check_dir_entry() - ext4: don't over-report free space or inodes in statvfs - ext4: code cleanup for ext4_statfs_project() - ext4: simplify checking quota limits in ext4_statfs() - platform/x86: ISST: Correct command storage data length - MIPS: ds1287: Match ds1287_set_base_clock() function types - MIPS: cevt-ds1287: Add missing ds1287.h include - MIPS: dec: Declare which_prom() as static - virtio-net: Add validation for used length {CVE-2021-47352} - RDMA/srpt: Support specifying the srpt_service_guid parameter {CVE-2024-26744} - openvswitch: fix lockup on tx to unregistering netdev with carrier {CVE-2025-21681} - net: openvswitch: fix race on port output {CVE-2025-21681} - mmc: cqhci: Fix checking of CQHCI_HALT state - nvmet-fc: Remove unused functions - usb: dwc3: support continuous runtime PM with dual role - misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type - misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error {CVE-2025-23140} - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). {CVE-2024-50154} - powerpc/prom_init: Use -ffreestanding to avoid a reference to bcmp - kbuild: Add '-fno-builtin-wcslen' - cpufreq: Reference count policy in cpufreq_update_limits() - drm/sti: remove duplicate object names - drm/nouveau: prime: fix ttm_bo_delayed_delete oops {CVE-2025-37765} - drm/repaper: fix integer overflows in repeat functions - module: sign with sha512 instead of sha1 by default - perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR - perf/x86/intel: Allow to update user space GPRs from PEBS records - virtiofs: add filesystem context source name check {CVE-2025-37773} - riscv: Avoid fortify warning in syscall_get_arguments() - isofs: Prevent the use of too small fid {CVE-2025-37780} - i2c: cros-ec-tunnel: defer probe if parent EC is not present {CVE-2025-37781} - hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key {CVE-2025-37782} - btrfs: correctly escape subvol in btrfs_show_options() - nfs: add missing selections of CONFIG_CRC32 - nfs: move nfs_fhandle_hash to common include file - NFSD: Constify @fh argument of knfsd_fh_hash() - asus-laptop: Fix an uninitialized variable - writeback: fix false warning in inode_to_wb() - net: b53: enable BPDU reception for management port - net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789} - Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" {CVE-2025-37795} - Bluetooth: btrtl: Prevent potential NULL dereference {CVE-2025-37792} - Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address - RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() - scsi: iscsi: Fix missing scsi_host_put() in error path - wifi: wl1251: fix memory leak in wl1251_tx_work {CVE-2025-37982} - wifi: mac80211: Purge vif txq in ieee80211_do_stop() {CVE-2025-37794} - wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() {CVE-2025-37795} - wifi: at76c50x: fix use after free access in at76_disconnect {CVE-2025-37796} - HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition {CVE-2025-37838} - pwm: mediatek: always use bus clock for PWM on MT7622 - Bluetooth: hci_uart: Fix another race during initialization {CVE-2025-23139} - x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() - PCI: Fix reference leak in pci_alloc_child_bus() - of/irq: Fix device node refcount leakages in of_irq_init() - of/irq: Fix device node refcount leakage in API irq_of_parse_and_map() - of/irq: Fix device node refcount leakages in of_irq_count() - ntb: use 64-bit arithmetic for the MSI doorbell mask - gpio: zynq: Fix wakeup source leaks on device unbind - ftrace: Add cond_resched() to ftrace_graph_set_hash() {CVE-2025-37940} - dm-integrity: set ti->error on memory allocation failure - crypto: ccp - Fix check for the primary ASP device - thermal/drivers/rockchip: Add missing rk3328 mapping entry - sctp: detect and prevent references to a freed transport in sendmsg {CVE-2025-23142} - mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock - sparc/mm: disable preemption in lazy mmu mode - arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string - mtd: rawnand: Add status chack in r852_ready() - mtd: inftlcore: Add error check for inftl_read_oob() {CVE-2025-37892} - lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets - locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class() - jbd2: remove wrong sb->s_sequence check {CVE-2025-37839} - i3c: Add NULL pointer check in i3c_master_queue_ibi() {CVE-2025-23147} - ext4: fix off-by-one error in do_split {CVE-2025-23150} - wifi: mac80211: fix integer overflow in hwmp_route_info_get() - net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family - media: venus: hfi_parser: add check to avoid out of bound access {CVE-2025-23157} - media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO - media: i2c: ov7251: Set enable GPIO low in probe - media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() - media: streamzap: prevent processing IR data on URB failure - mtd: rawnand: brcmnand: fix PM resume warning {CVE-2025-37840} - arm64: cputype: Add MIDR_CORTEX_A76AE - xenfs/xensyms: respect hypervisor's "next" indication - media: siano: Fix error handling in smsdvb_module_init() - media: venus: hfi: add check to handle incorrect queue size {CVE-2025-23158} - media: venus: hfi: add a check to handle OOB in sfr region {CVE-2025-23159} - media: i2c: adv748x: Fix test pattern selection mask - ext4: don't treat fhandle lookup of ea_inode as FS corruption - ext4: reject casefold inode flag without casefold feature - bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags - bpf: Add endian modifiers to fix endian warnings - pwm: fsl-ftm: Handle clk_get_rate() returning 0 - pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() {CVE-2025-37850} - pwm: mediatek: Always use bus clock - fbdev: omapfb: Add 'plane' value check {CVE-2025-37851} - drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off - drm/amdkfd: Fix pqm_destroy_queue race with GPU reset - drm/amdkfd: clamp queue size to minimum - drm: panel-orientation-quirks: Add new quirk for GPD Win 2 - drm: panel-orientation-quirks: Add support for AYANEO 2S - drm: allow encoder mode_set even when connectors change for crtc - Bluetooth: hci_uart: fix race during initialization {CVE-2025-23139} - tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER - net: vlan: don't propagate flags on open {CVE-2025-23163} - wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table - scsi: st: Fix array overflow in st_setup() {CVE-2025-37857} - ext4: ignore xattrs past end {CVE-2025-37738} - ext4: protect ext4_release_dquot against freezing - ahci: add PCI ID for Marvell 88SE9215 SATA Controller - ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode - jfs: add sanity check for agwidth in dbMount {CVE-2025-37740} - jfs: Prevent copying of nlink with value 0 from disk inode {CVE-2025-37741} - fs/jfs: Prevent integer overflow in AG size calculation {CVE-2025-37858} - fs/jfs: cast inactags to s64 to prevent potential overflow - page_pool: avoid infinite loop to schedule delayed worker {CVE-2025-37859} - ALSA: usb-audio: Fix CME quirk for UF series keyboards - ALSA: hda: intel: Fix Optimus when GPU has no sound - HID: pidff: Fix null pointer dereference in pidff_find_fields {CVE-2025-37862} - HID: pidff: Do not send effect envelope if it's empty - HID: pidff: Convert infinite length from Linux API to PID standard - xen/mcelog: Add __nonstring annotations for unterminated strings - perf: arm_pmu: Don't disable counter in armpmu_add() - x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine - pm: cpupower: bench: Prevent NULL dereference on malloc failure {CVE-2025-37841} - net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749} - ata: sata_sx4: Add error handling in pdc20621_i2c_read() - ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones - tipc: fix memory leak in tipc_link_xmit {CVE-2025-37757} - ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() {CVE-2025-37758} - x86/bhi: Do not set BHI_DIS_S in 32-bit mode - x86/bpf: Add IBHF call at end of classic BPF - x86/bpf: Call branch history clearing sequence on exit - certs: Reference revocation list for all keyrings - RDS: use get_user_pages_fast() in rdma_pin_pages() - x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel - selftest/x86/bugs: Add selftests for ITS {CVE-2024-28956} - x86/its: Align RETs in BHB clear sequence to avoid thunking {CVE-2024-28956} - x86/its: Add "vmexit" option to skip mitigation on some CPUs {CVE-2024-28956} - x86/its: Enable Indirect Target Selection mitigation {CVE-2024-28956} - x86/its: Add support for ITS-safe return thunk {CVE-2024-28956} - x86/its: Add support for ITS-safe indirect thunk {CVE-2024-28956} - x86/its: Enumerate Indirect Target Selection (ITS) bug {CVE-2024-28956} - Documentation: x86/bugs/its: Add ITS documentation {CVE-2024-28956} - certs: Add new Oracle Linux Driver Signing (key 1) certificate - net/mlx5e: Don't call cleanup on profile rollback failure {CVE-2024-50146} - net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() {CVE-2024-50000} - net/mlx5: Fix error path in multi-packet WQE transmit {CVE-2024-50001} - net/mlx5: Discard command completions in internal error {CVE-2024-38555} - net/mlx5e: fix a potential double-free in fs_any_create_groups {CVE-2023-52667} - net/mlx5: Reclaim max 50K pages at once - LTS tag: v5.4.292 - jfs: add index corruption check to DT_GETPAGE() - tracing: Fix use-after-free in print_graph_function_flags during tracer switching {CVE-2025-22035} - mmc: sdhci-pxav3: set NEED_RSP_BUSY capability - ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP - x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs {CVE-2025-22045} - x86/tsc: Always save/restore TSC sched_clock() on suspend/resume - ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() - can: flexcan: only change CAN state when link up in system PM - arcnet: Add NULL check in com20020pci_probe() {CVE-2025-22054} - net: dsa: mv88e6xxx: propperly shutdown PPU re-enable timer on destroy - ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS - vsock: avoid timeout during connect() if the socket is closing - net_sched: skbprio: Remove overly strict queue assertions {CVE-2025-38637} - netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets {CVE-2025-22063} - ntb: intel: Fix using link status DB's - ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans {CVE-2023-53034} - spufs: fix a leak in spufs_create_context() {CVE-2025-22071} - spufs: fix a leak on spufs_new_file() failure {CVE-2025-22073} - hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} - can: statistics: use atomic access in hot path - locking/semaphore: Use wake_q to wake up processes outside lock critical section - sched/deadline: Use online cpus for validating runtime - affs: don't write overlarge OFS data block size fields - affs: generate OFS sequence numbers starting at 1 - wifi: iwlwifi: fw: allocate chained SG tables for dump - sched/smt: Always inline sched_smt_active() - octeontx2-af: Fix mbox INTR handler when num VFs > 64 - ring-buffer: Fix bytes_dropped calculation issue - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() {CVE-2025-37937} - fs/procfs: fix the comment above proc_pid_wchan() - perf python: Check if there is space to copy all the event - perf python: Decrement the refcount of just created event on failure - perf python: Fixup description of sample.id event member - ocfs2: validate l_tree_depth to avoid out-of-bounds access {CVE-2025-22079} - kexec: initialize ELF lowest address to ULONG_MAX - perf units: Fix insufficient array space - iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio - coresight: catu: Fix number of pages while using 64k pages - isofs: fix KMSAN uninit-value bug in do_isofs_readdir() - x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment - mfd: sm501: Switch to BIT() to mitigate integer overflows - RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow {CVE-2025-22086} - power: supply: max77693: Fix wrong conversion of charge input threshold value - x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 - clk: amlogic: g12a: fix mmc A peripheral clock - clk: amlogic: gxbb: drop non existing 32k clock parent - clk: amlogic: g12b: fix cluster A parent data - IB/mad: Check available slots before posting receive WRs - clk: rockchip: rk3328: fix wrong clk_ref_usb3otg parent - pinctrl: renesas: rza2: Fix missing of_node_put() call - lib: 842: Improve error handling in sw842_compress() - clk: amlogic: gxbb: drop incorrect flag on 32k clock - fbdev: sm501fb: Add some geometry checks. - mdacon: rework dependency list - fbdev: au1100fb: Move a variable assignment behind a null pointer check - PCI: pciehp: Don't enable HPIE when resuming in poll mode - PCI: Remove stray put_device() in pci_register_host_bridge() - PCI/portdrv: Only disable pciehp interrupts early when needed - PCI/ASPM: Fix link state exit during switch upstream function removal {CVE-2024-58093} - drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member - ALSA: hda/realtek: Always honor no_shutup_pins - perf/ring_buffer: Allow the EPOLLRDNORM flag for poll - lockdep: Don't disable interrupts on RT in disable_irq_nosync_lockdep.*() - PM: sleep: Fix handling devices with direct_complete set on errors - thermal: int340x: Add NULL check for adev {CVE-2025-23136} - EDAC/ie31200: Fix the error path order of ie31200_init() - EDAC/ie31200: Fix the DIMM size mask for several SoCs - EDAC/ie31200: Fix the size of EDAC_MC_LAYER_CHIP_SELECT layer - selinux: Chain up tool resolving errors in install_policy.sh - x86/platform: Only allow CONFIG_EISA for 32-bit - x86/fpu: Avoid copying dynamic FP state from init_task in arch_dup_task_struct() - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() - x86/mm/pat: cpa-test: fix length for CPA_ARRAY test - memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove {CVE-2025-22020} - net: usb: qmi_wwan: add Telit Cinterion FE990B composition - net: usb: qmi_wwan: add Telit Cinterion FN990B composition - tty: serial: 8250: Add some more device IDs - counter: stm32-lptimer-cnt: fix error handling when enabling - netfilter: socket: Lookup orig tuple for IPv6 SNAT {CVE-2025-22021} - ARM: Remove address checking for MMUless devices - ARM: 9351/1: fault: Add "cut here" line for prefetch aborts - ARM: 9350/1: fault: Implement copy_from_kernel_nofault_allowed() - atm: Fix NULL pointer dereference {CVE-2025-22018} - HID: hid-plantronics: Add mic mute mapping and generalize quirks - ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() {CVE-2025-21996} - batman-adv: Ignore own maximum aggregation size during RX - ARM: shmobile: smp: Enforce shmobile_smp_* alignment - mmc: atmel-mci: Add missing clk_disable_unprepare() - drm/v3d: Don't run jobs that have errors flagged in its fence - i2c: omap: fix IRQ storms - net/neighbor: add missing policy for NDTPA_QUEUE_LENBYTES - net: atm: fix use after free in lec_send() {CVE-2025-22004} - ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create(). - ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). {CVE-2025-22005} - Bluetooth: Fix error code in chan_alloc_skb_cb() {CVE-2025-22007} - RDMA/hns: Fix wrong value of max_sge_rd - RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path - xfrm_output: Force software GSO only in tunnel mode - firmware: imx-scu: fix OF node leak in .probe() - i2c: sis630: Fix an error handling path in sis630_probe() - i2c: ali15x3: Fix an error handling path in ali15x3_probe() - i2c: ali1535: Fix an error handling path in ali1535_probe() - ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() - drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() - qlcnic: fix memory leak issues in qlcnic_sriov_common.c - drm/amd/display: Assign normalized_pix_clk when color depth = 14 {CVE-2025-21956} - drm/atomic: Filter out redundant DPMS calls - x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes {CVE-2025-21991} - USB: serial: option: match on interface class for Telit FN990B - USB: serial: option: fix Telit Cinterion FE990A name - USB: serial: option: add Telit Cinterion FE990B compositions - USB: serial: ftdi_sio: add support for Altera USB Blaster 3 - block: fix 'kmem_cache of name 'bio-108' already exists' - drm/nouveau: Do not override forced connector status - x86/irq: Define trace events conditionally - fuse: don't truncate cached, mutated symlink - nvme: only allow entering LIVE from CONNECTING state - sctp: Fix undefined behavior in left shift operation - nvmet-rdma: recheck queue state is LIVE in state lock in recv done - ASoC: rsnd: don't indicate warning on rsnd_kctrl_accept_runtime() - s390/cio: Fix CHPID "configure" attribute caching - HID: ignore non-functional sensor in HP 5MP Camera {CVE-2025-21992} - HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell - ACPI: resource: IRQ override for Eluktronics MECH-17 - scsi: qla1280: Fix kernel oops when debug level > 2 {CVE-2025-21957} - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() {CVE-2025-21993} - powercap: call put_device() on an error path in powercap_register_control_type() - hrtimers: Mark is_migration_base() with __always_inline - nvme-fc: go straight to connecting state when initializing - net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices - netfilter: nft_exthdr: fix offset with ipv4_find_option() - net_sched: Prevent creation of classes with TC_H_ROOT {CVE-2025-21971} - ipvs: prevent integer overflow in do_ip_vs_get_ctl() - netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() {CVE-2025-21959} - Drivers: hv: vmbus: Don't release fb_mmio resource in vmbus_free_mmio() - drivers/hv: Replace binary semaphore with mutex - netpoll: hold rcu read lock in __netpoll_send_skb() - netpoll: netpoll_send_skb() returns transmit status - netpoll: move netpoll_send_skb() out of line - netpoll: remove dev argument from netpoll_send_skb_on_dev() - netpoll: Fix use correct return type for ndo_start_xmit() - pinctrl: bcm281xx: Fix incorrect regmap max_registers value - sched/isolation: Prevent boot crash when the boot CPU is nohz_full - clockevents/drivers/i8253: Fix stop sequence for timer 0 - RDS: avoid using offlined CPU during reconnect - x86/microcode/AMD: Clean the cache if update did not load microcode - x86/microcode/AMD: Add finalize_late_load() microcode_op - x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches - x86/microcode/AMD: Add some forgotten models to the SHA check - x86/microcode/AMD: Load only SHA256-checksummed patches {CVE-2025-22047} - x86/microcode/AMD: Flush patch buffer mapping after application - x86/microcode/AMD: Stash BSP's CPUID(1).EAX and patch size - nvme: fix deadlock between reset and scan Important TuxCare License Agreement CVE-2024-50154 CVE-2024-26744 CVE-2025-21681 CVE-2024-56655 CVE-2025-22045 CVE-2025-23157 CVE-2025-23140 CVE-2025-23139 CVE-2025-37738 CVE-2025-23163 CVE-2025-23159 CVE-2025-23158 CVE-2025-37794 CVE-2025-37781 CVE-2025-37773 CVE-2025-37766 CVE-2025-37765 CVE-2025-37823 CVE-2025-37902 CVE-2025-37937 CVE-2025-37983 CVE-2025-37982 CVE-2025-37949 CVE-2025-38001 CVE-2025-38051 CVE-2025-38035 CVE-2025-38024 CVE-2025-38065 CVE-2025-38061 CVE-2025-38086 CVE-2025-38147 CVE-2025-38136 CVE-2025-38181 CVE-2025-38222 CVE-2025-38219 CVE-2025-38204 CVE-2025-38203 CVE-2025-38285 CVE-2025-38324 CVE-2025-38323 CVE-2025-38346 CVE-2025-38345 CVE-2025-38344 CVE-2025-38337 CVE-2025-38428 CVE-2025-38637 CVE-2025-38498 CVE-2025-38430 CVE-2025-38424 CVE-2025-38420 CVE-2025-38416 CVE-2025-38415 CVE-2025-38352 CVE-2025-38350 CVE-2025-38348 CVE-2025-38336 CVE-2025-38332 CVE-2025-38328 CVE-2025-38326 CVE-2025-38320 CVE-2025-38313 CVE-2025-38312 CVE-2025-38298 CVE-2025-38286 CVE-2025-38237 CVE-2025-38214 CVE-2025-38213 CVE-2025-38212 CVE-2025-38200 CVE-2025-38194 CVE-2025-38190 CVE-2025-38185 CVE-2025-38184 CVE-2025-38180 CVE-2025-38174 CVE-2025-38173 CVE-2025-38163 CVE-2025-38157 CVE-2025-38153 CVE-2025-38145 CVE-2025-38135 CVE-2025-38115 CVE-2025-38111 CVE-2025-38108 CVE-2025-38103 CVE-2025-38090 CVE-2025-38083 CVE-2025-38079 CVE-2025-38078 CVE-2025-38075 CVE-2025-38072 CVE-2025-38066 CVE-2025-38058 CVE-2025-38046 CVE-2025-38044 CVE-2025-38037 CVE-2025-38034 CVE-2025-38023 CVE-2025-38004 CVE-2025-38003 CVE-2025-38000 CVE-2025-37998 CVE-2025-37997 CVE-2025-37995 CVE-2025-37994 CVE-2025-37991 CVE-2025-37990 CVE-2025-37989 CVE-2025-37970 CVE-2025-37969 CVE-2025-37958 CVE-2025-37953 CVE-2025-37940 CVE-2025-37927 CVE-2025-37923 CVE-2025-37915 CVE-2025-37913 CVE-2025-37909 CVE-2025-37892 CVE-2025-37890 CVE-2025-37881 CVE-2025-37862 CVE-2025-37859 CVE-2025-37858 CVE-2025-37857 CVE-2025-37851 CVE-2025-37850 CVE-2025-37841 CVE-2025-37840 CVE-2025-37839 CVE-2025-37838 CVE-2025-37829 CVE-2025-37824 CVE-2025-37819 CVE-2025-37817 CVE-2025-37812 CVE-2025-37810 CVE-2025-37808 CVE-2025-37797 CVE-2025-37796 CVE-2025-37795 CVE-2025-37792 CVE-2025-37789 CVE-2025-37782 CVE-2025-37780 CVE-2025-37758 CVE-2025-37757 CVE-2025-37749 CVE-2025-37741 CVE-2025-37740 CVE-2025-23150 CVE-2025-23147 CVE-2025-23142 CVE-2025-22086 CVE-2025-22079 CVE-2025-22073 CVE-2025-22071 CVE-2025-22054 CVE-2025-22047 CVE-2025-22035 CVE-2025-22021 CVE-2025-22007 CVE-2025-22004 CVE-2025-21996 CVE-2025-21993 CVE-2025-21992 CVE-2025-21991 CVE-2025-21971 CVE-2025-21959 CVE-2025-21957 CVE-2025-21956 CVE-2024-58093 CVE-2024-50146 CVE-2024-50001 CVE-2024-50000 CVE-2024-38555 CVE-2024-38541 CVE-2024-36350 CVE-2024-28956 CVE-2023-6931 CVE-2023-53034 CVE-2023-52667 CVE-2022-48829 CVE-2022-48828 CVE-2022-48773 CVE-2021-47352 CVE-2025-22005 CVE-2024-46855 CVE-2025-37803 CVE-2025-37785 CVE-2025-22063 CVE-2025-22018 CVE-2025-22020 CVE-2025-23136 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-32990: fix memory corruption in when parsing a template file Important TuxCare License Agreement CVE-2025-32990 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-47252: escape user-supplied data in mod_ssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to prevent HTTP desynchronisation attack Important TuxCare License Agreement CVE-2024-47252 CVE-2025-49812 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Update Intel CPU microcode to 20250812: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000401; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b000643; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x3a; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x437; - Addition of cpuid:A06D1/0x20 (GNR-AP/SP H0) microcode (in microcode.dat) at revision 0xa000100; - Addition of cpuid:A06D1/0x95 (GNR-AP/SP B0) microcode (in microcode.dat) at revision 0x10003d0; - Addition of cpuid:B0650/0x80 (ARL-U A1) microcode (in microcode.dat) at revision 0xa; - Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x12f; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4129; - Addition of cpuid:B06D1/0x80 (LNL B0) microcode (in microcode.dat) at revision 0x123; - Addition of cpuid:C0652/0x82 (ARL-H A1) microcode (in microcode.dat) at revision 0x119; - Addition of cpuid:C0662/0x82 (ARL-HX 8P/S B0) microcode (in microcode.dat) at revision 0x119; - Addition of cpuid:C0664/0x82 microcode (in microcode.dat) at revision 0x119; - Addition of cpuid:C06A2/0x82 microcode (in microcode.dat) at revision 0x119; - Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x210002b3; - Removal of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) at revision 0x4003605; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c0003e0; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b000620; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x38; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x436; - Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x12c; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4124; - Removal of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) at revision 0x21000291; - Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x21000291; - Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003707 up to 0x5003901; - Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002904 up to 0x7002b01; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003f5 up to 0xd000410; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x10002c0 up to 0x10002e0; - Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x24 up to 0x26; - Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xc6 up to 0xca; - Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xb8 up to 0xbc; - Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x38 up to 0x3c; - Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x52 up to 0x56; - Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000401; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000643; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000401; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000643; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000401; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000643; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000643; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x38 up to 0x3a; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x9 up to 0xa; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x436 up to 0x437; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0x102 up to 0x104; - Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xfe up to 0x102; - Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x63 up to 0x64; - Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from revision 0x20 up to 0x25; - Update of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) from revision 0x3000330 up to 0x3000362; - Update of cpuid:B0674/0x32 microcode (in microcode.dat) from revision 0x12c up to 0x12f; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x4124 up to 0x4129; - Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision 0x4124 up to 0x4129; - Update of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) from revision 0x1c up to 0x1d; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x38 up to 0x3a; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x38 up to 0x3a; - Update of cpuid:B06F6/0x07 microcode (in microcode.dat) from revision 0x38 up to 0x3a; - Update of cpuid:B06F7/0x07 microcode (in microcode.dat) from revision 0x38 up to 0x3a; - Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from revision 0x21000291 up to 0x210002b3; Moderate TuxCare License Agreement CVE-2024-28956 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-52533: fix off-by-one error leading to buffer overflow in gsocks4aproxy.c Important TuxCare License Agreement CVE-2024-52533 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-4802: prevent untrusted LD_LIBRARY_PATH from loading dynamically shared libraries in statically compiled binaries that call dlopen Important TuxCare License Agreement CVE-2025-4802 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2017-9228: fix heap out-of-bounds write in bitset_set_range() and parse_char_class() functions Critical TuxCare License Agreement CVE-2017-9228 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-46835: prevent malicious creating and overwriting of user's files Low TuxCare License Agreement CVE-2025-46835 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - ASoC: topology: Clean up route loading {CVE-2024-41069} - ASoC: topology: Fix references to freed memory {CVE-2024-41069} - drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616} - Bluetooth: L2CAP: Fix not validating setsockopt user input {CVE-2024-35965} - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() {CVE-2024-35965} - usb: cdc-acm: Check control transfer buffer size before access {CVE-2025-21704} - igb: Fix potential invalid memory access in igb_init_module() {CVE-2024-52332} - vfio/pci: Properly hide first-in-list PCIe extended capability {CVE-2024-53214} - Bluetooth: RFCOMM: Fix not validating setsockopt user input {CVE-2024-35966} - Bluetooth: SCO: Fix not validating setsockopt user input {CVE-2024-35966} - media: stk1160: fix bounds checking in stk1160_copy_video() {CVE-2024-38621} - net/sched: Always pass notifications when child class becomes empty {CVE-2025-38350} - sch_htb: make htb_qlen_notify() idempotent {CVE-2025-37932} - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() {CVE-2025-37798} - sch_qfq: make qfq_qlen_notify() idempotent {CVE-2025-38350} - sch_drr: make drr_qlen_notify() idempotent {CVE-2025-38350} - sch_htb: make htb_deactivate() idempotent {CVE-2025-38350} - sch_cbq: make cbq_qlen_notify() idempotent {CVE-2025-38000} - inet: fully convert sk->sk_rx_dst to RCU rules {CVE-2021-47103} - scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695} - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901} - vmci: prevent speculation leaks by sanitizing event in event_deliver() {CVE-2024-39499} - USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760} - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells {CVE-2021-47497} - virtio-net: Add validation for used length {CVE-2021-47352} - watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321} - scsi: qedi: Fix crash while reading debugfs attribute {CVE-2024-40978} - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929} - wifi: iwlwifi: mvm: guard against invalid STA ID on removal {CVE-2024-36921} - mac802154: fix llsec key resources release in mac802154_llsec_key_del {CVE-2024-26961} - platform/x86: wmi: Fix opening of char device {CVE-2023-52864} - media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764} - wifi: mac80211: fix potential key use-after-free {CVE-2023-52530} - net: fix information leakage in /proc/net/ptype {CVE-2022-48757} - crypto: qat - resolve race condition during AER recovery {CVE-2024-26974} - perf/core: Bail out early if the request AUX area is out of bound {CVE-2023-52835} - net: ti: fix UAF in tlan_remove_one {CVE-2021-47310} - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() {CVE-2023-52594} - net: bridge: use DEV_STATS_INC() {CVE-2023-52578} - net: add atomic_long_t to net_device_stats fields {CVE-2023-52578} - media: dvb-core: Fix use-after-free due to race at dvb_register_device() {CVE-2022-45884} - media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885} - xen/gntalloc: don't use gnttab_query_foreign_access() {CVE-2022-23039} - xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037} - xen/grant-table: add gnttab_try_end_foreign_access() {CVE-2022-23038} - ovl: fail on invalid uid/gid mapping at copy up {CVE-2023-0386} - ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292} - gfs2: Fix length of holes reported at end-of-file - gfs2: Only do glock put in gfs2_create_inode for free inodes - gfs2: Fix use-after-free in gfs2_logd after withdraw - gfs2: fix use-after-free in trans_drain - gfs2: Clean up revokes on normal withdraws - GFS2: gfs2_free_extlen can return an extent that is too long - gfs2: Wipe jdata and ail1 in gfs2_journal_wipe, formerly gfs2_meta_wipe - GFS2: Refactor gfs2_remove_from_journal - GFS2: Only set PageChecked for jdata pages - gfs2: keep bios separate for each journal - gfs2: Remove active journal side effect from gfs2_write_log_header - gfs2: clean_journal improperly set sd_log_flush_head - partial "GFS2: Introduce new gfs2_log_header_v2" - gfs2: change from write to read lock for sd_log_flush_lock in journal replay - GFS2: Reduce code redundancy writing log headers - gfs2: Grab glock reference sooner in gfs2_add_revoke - gfs2: fix glock reference problem in gfs2_trans_remove_revoke - gfs2: Fix occasional glock use-after-free - gfs2: Make sure we don't miss any delayed withdraws - gfs2: Fix bad comment for trans_drain - gfs2: add some much needed cleanup for log flushes that fail - gfs2: fix trans slab error when withdraw occurs inside log_flush - gfs2: initialize transaction tr_ailX_lists earlier - GFS2: Remove extra "if" in gfs2_log_flush() - gfs2: fix use-after-free on transaction ail lists - gfs2: Trim the ordered write list in gfs2_ordered_write() - GFS2: Clean up releasepage - gfs2: Only set PageChecked if we have a transaction - gfs2: Fix case in which ail writes are done to jdata holes - gfs2: simplify gfs2_block_map - gfs2: Remove unused gfs2_iomap_alloc argument - gfs2: Be more careful with the quota sync generation - gfs2: Get rid of some unnecessary quota locking - gfs2: Add some missing quota locking - gfs2: Fold qd_fish into gfs2_quota_sync - gfs2: quota need_sync cleanup - gfs2: Fix and clean up function do_qc - gfs2: Revert "Add quota_change type" - gfs2: Revert "ignore negated quota changes" - gfs2: qd_check_sync cleanups - gfs2: Check quota consistency on mount - gfs2: Minor gfs2_quota_init error path cleanup - gfs2: fix kernel BUG in gfs2_quota_cleanup - gfs2: Clean up quota.c:print_message - gfs2: Clean up gfs2_alloc_parms initializers - gfs2: Two quota=account mode fixes - gfs2: Remove useless assignment - gfs2: simplify slot_get - gfs2: Simplify qd2offset - gfs2: Remove quota allocation info from quota file - gfs2: use constant for array size - gfs2: Set qd_sync_gen in do_sync - gfs2: Remove useless err set - gfs2: Small gfs2_quota_lock cleanup - gfs2: move qdsb_put and reduce redundancy - gfs2: Don't try to sync non-changes - gfs2: Simplify function need_sync - gfs2: remove unneeded pg_oflow variable - gfs2: remove unneeded variable done - gfs2: pass sdp to gfs2_write_buf_to_page - gfs2: pass sdp in to gfs2_write_disk_quota - gfs2: Pass sdp to gfs2_adjust_quota - gfs2: remove dead code for quota writes - gfs2: Use qd_sbd more consequently - gfs2: replace 'found' with dedicated list iterator variable - gfs2: Some whitespace cleanups - gfs2: Fix gfs2_qa_get imbalance in gfs2_quota_hold Important TuxCare License Agreement CVE-2022-48760 CVE-2024-40978 CVE-2024-26961 CVE-2024-40929 CVE-2023-52835 CVE-2023-52578 CVE-2022-48695 CVE-2021-47103 CVE-2024-53214 CVE-2025-37932 CVE-2025-37798 CVE-2024-40901 CVE-2024-26974 CVE-2023-52864 CVE-2023-52764 CVE-2023-52594 CVE-2023-52530 CVE-2023-0386 CVE-2022-49292 CVE-2022-48757 CVE-2022-45885 CVE-2022-45884 CVE-2022-23039 CVE-2022-23038 CVE-2022-23037 CVE-2021-47497 CVE-2021-47352 CVE-2021-47321 CVE-2021-47310 CVE-2024-41069 CVE-2024-56616 CVE-2024-35965 CVE-2025-21704 CVE-2024-52332 CVE-2024-35966 CVE-2024-39499 CVE-2024-38621 CVE-2025-38350 CVE-2024-36921 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-24528: fix buffer overflow vulnerability in iprop log file writing Moderate TuxCare License Agreement CVE-2025-24528 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2007-4559: implement PEP 706 - a filter in the tarfile module to prevent directory traversal vulnerability Low TuxCare License Agreement CVE-2007-4559 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2017-5225: fix heap buffer overflow in tools/tiffcp by restricting BitsPerSample values Important TuxCare License Agreement CVE-2025-8177 CVE-2024-7006 CVE-2025-8176 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - version sync with OracleLinux version 7.4.629-8.0.1 Important TuxCare License Agreement CVE-2024-22667 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2019-1547: fix side-channel vulnerability in ECDSA when using explicit EC parameters without cofactor - CVE-2025-9230: fix incorrect check of unwrapped key size Moderate TuxCare License Agreement CVE-2019-1547 CVE-2025-9230 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-8837: fix use-after-free vulnerability in jpc_dec_dump() Important TuxCare License Agreement CVE-2025-8837 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - bump version to 1.2-10.0.1 Important TuxCare License Agreement CVE-2024-5564 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Additional fix for CVE-2025-49176 Important TuxCare License Agreement CVE-2025-26596 CVE-2025-26595 CVE-2025-26598 CVE-2025-26600 CVE-2025-26594 CVE-2025-26597 CVE-2025-26601 CVE-2025-26599 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Rebuilt with xorg-x11-server-1.20.4-99.el7_9.tuxcare.els7, mitigating the security vulnerabilities identified by the following CVEs: CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597 CVE-2025-26598, CVE-2025-26599, CVE-2025-26600 and CVE-2025-26601, CVE-2025-49175, CVE-2025-49176, CVE-2025-49178, CVE-2025-49179, CVE-2025-49180 Important TuxCare License Agreement CVE-2025-49180 CVE-2025-49175 CVE-2025-26597 CVE-2025-26600 CVE-2025-26598 CVE-2025-26595 CVE-2025-49178 CVE-2025-49179 CVE-2025-49176 CVE-2025-26596 CVE-2025-26594 CVE-2025-26601 CVE-2025-26599 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Bump package Release to 21.0.5 - CVE-2025-8194: tarfile: validate archives to ensure member offsets are non-negative Important TuxCare License Agreement CVE-2025-8194 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2022-40897: fix Regular Expression Denial of Service (ReDoS) in package_index.py - CVE-2024-6345: fix remote code execution in package_index module Important TuxCare License Agreement CVE-2024-6345 CVE-2022-40897 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - ext4: fix possible UAF when remounting r/o a mmp-protected file system {CVE-2021-47342} - ext4: fix memory leak in ext4_fill_super - net: defer final 'struct net' free in netns dismantle {CVE-2024-56658} - net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477} - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701} - fix: virtio-net: Add validation for used length {CVE-2021-47352} Important TuxCare License Agreement CVE-2021-47391 CVE-2022-48701 CVE-2024-56658 CVE-2021-47342 CVE-2025-38477 CVE-2023-52868 CVE-2022-48827 CVE-2022-48738 CVE-2016-2070 CVE-2024-2201 CVE-2024-38659 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-58060: fix authentication bypass by checking password when AuthType is set to anything but Basic. Important TuxCare License Agreement CVE-2025-58060 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-35235: patch arbitrary chmod vulnerability in cupsd process when starting server with symbolic link Listen configuration item Moderate TuxCare License Agreement CVE-2024-35235 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-9900: fix write-what-where vulnerability in processing TIFF image files Important TuxCare License Agreement CVE-2025-9900 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2016-9840: fix improper pointer arithmetic in inftrees.c Important TuxCare License Agreement CVE-2016-9840 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4517: fix multiple tarfile extraction filter bypasses (filter="tar"/filter="data") Important TuxCare License Agreement CVE-2025-4517 CVE-2025-4330 CVE-2025-4138 CVE-2024-12718 CVE-2025-4435 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-8194: fix infinite loop and deadlock in TarFile extraction and entry enumeration APIs Important TuxCare License Agreement CVE-2025-8194 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-7345: fix heap buffer overflow during base64 encoding in gdk_pixbuf__jpeg_image_load_increment() Important TuxCare License Agreement CVE-2025-7345 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-11561: prevent unexpected Kerberos principal-to-account mappings when SSSD's localauth plugin cannot resolve a principal Important TuxCare License Agreement CVE-2025-11561 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Merge python-setuptools-0.9.8-7.0.1.el7.src.rpm Important TuxCare License Agreement CVE-2025-47273 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - drm/amd/display: Skip on writeback when it's not applicable {CVE-2024-36914} - ASoC: topology: Fix references to freed memory {CVE-2024-41069} - Bluetooth: RFCOMM: Fix not validating setsockopt user input {CVE-2024-35966} - Bluetooth: SCO: Fix not validating setsockopt user input - drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616} - xfs: don't walk off the end of a directory data block {CVE-2024-41013} - wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937} - Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" - net/rds: Fix rs_recv_pending counting issue - LTS tag: v5.4.301 - net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg - media: s5p-mfc: remove an unused/uninitialized variable - NFSD: Fix last write offset handling in layoutcommit - NFSD: Minor cleanup in layoutcommit processing - padata: Reset next CPU when reorder sequence wraps around - KEYS: trusted_tpm1: Compare HMAC values in constant time - NFSD: Define a proc_layoutcommit for the FlexFiles layout type {CVE-2025-40087} - vfs: Don't leak disconnected dentries on umount {CVE-2025-40105} - jbd2: ensure that all ongoing I/O complete before freeing blocks - ext4: detect invalid INLINE_DATA + EXTENTS flag combination {CVE-2025-40167} - drm/amdgpu: use atomic functions with memory barriers for vm fault info - ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() {CVE-2025-40198} - spi: cadence-quadspi: Flush posted register writes before DAC access - spi: cadence-quadspi: Flush posted register writes before INDAC access - memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe - memory: samsung: exynos-srom: Correct alignment - arm64: errata: Apply workarounds for Neoverse-V3AE - arm64: cputype: Add Neoverse-V3AE definitions - comedi: fix divide-by-zero in comedi_buf_munge() {CVE-2025-40106} - binder: remove "invalid inc weak" check - xhci: dbc: enable back DbC in resume if it was enabled before suspend - usb/core/quirks: Add Huawei ME906S to wakeup quirk - USB: serial: option: add Telit FN920C04 ECM compositions - USB: serial: option: add Quectel RG255C - USB: serial: option: add UNISOC UIS7720 - net: ravb: Ensure memory write completes before ringing TX doorbell - net: usb: rtl8150: Fix frame padding - ocfs2: clear extent cache after moving/defragmenting extents - MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering - Revert "cpuidle: menu: Avoid discarding useful information" - net: bonding: fix possible peer notify event loss or dup issue - sctp: avoid NULL dereference when chunk data buffer is missing - arm64, mm: avoid always making PTE dirty in pte_mkwrite() - net: enetc: correct the value of ENETC_RXB_TRUESIZE - rtnetlink: Allow deleting FDB entries in user namespace - net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del - net: add ndo_fdb_del_bulk - net: rtnetlink: add bulk delete support flag - net: netlink: add NLM_F_BULK delete request modifier - net: rtnetlink: use BIT for flag values - net: rtnetlink: add helper to extract msg type's kind - net: rtnetlink: add msg kind names - net: rtnetlink: remove redundant assignment to variable err - m68k: bitops: Fix find_*_bit() signatures - hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() - hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() - dlm: check for defined force value in dlm_lockspace_release - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() - hfs: validate record offset in hfsplus_bmap_alloc - hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() - hfs: make proper initalization of struct hfs_find_data - hfs: clear offset and space out of valid records in b-tree node - exec: Fix incorrect type for ret - hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() {CVE-2025-40088} - ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings - sched/fair: Fix pelt lost idle time detection - sched/balancing: Rename newidle_balance() => sched_balance_newidle() - sched/fair: Trivial correction of the newidle_balance() comment - sched: Make newidle_balance() static again - tls: don't rely on tx_work during send() - tls: always set record_type in tls_process_cmsg - tg3: prevent use of uninitialized remote_adv and local_adv variables - tcp: fix tcp_tso_should_defer() vs large RTT - amd-xgbe: Avoid spurious link down messages during interface toggle - net/ip6_tunnel: Prevent perpetual tunnel growth {CVE-2025-40173} - net: dlink: handle dma_map_single() failure properly - net: dl2k: switch from 'pci_' to 'dma_' API - media: pci: ivtv: Add missing check after DMA map - media: pci/ivtv: switch from 'pci_' to 'dma_' API {CVE-2024-43877} - xen/events: Update virq_to_irq on migration - media: lirc: Fix error handling in lirc_register() - media: rc: Directly use ida_free() - drm/exynos: exynos7_drm_decon: remove ctx->suspended - btrfs: avoid potential out-of-bounds in btrfs_encode_fh() {CVE-2025-40205} - pwm: berlin: Fix wrong register in suspend/resume {CVE-2025-40188} - media: cx18: Add missing check after DMA map - xen/events: Cleanup find_virq() return codes - cramfs: Verify inode mode when loading from disk - fs: Add 'initramfs_options' to set initramfs mount options - pid: Add a judgment for ns null in pid_nr_ns {CVE-2025-40178} - minixfs: Verify inode mode when loading from disk - tracing: Fix race condition in kprobe initialization causing NULL pointer dereference {CVE-2025-40042} - dm: fix NULL pointer dereference in __dm_suspend() {CVE-2025-40134} - mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag - mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type - mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value - Squashfs: reject negative file sizes in squashfs_read_inode() {CVE-2025-40200} - Squashfs: add additional inode sanity checking - media: mc: Clear minor number before put device {CVE-2025-40197} - mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() - fs: udf: fix OOB read in lengthAllocDescs handling {CVE-2025-40044} - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O {CVE-2025-40026} - net/9p: fix double req put in p9_fd_cancelled {CVE-2025-40027} - ext4: guard against EA inode refcount underflow in xattr update {CVE-2025-40190} - ext4: correctly handle queries for metadata mappings - ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() - nfsd: nfserr_jukebox in nlm_fopen should lead to a retry - x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) - x86/umip: Check that the instruction opcode is at least two bytes - PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit - PCI/AER: Fix missing uevent on recovery when a reset is requested - PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV - rseq/selftests: Use weak symbol reference, not definition, to link with glibc - rtc: interface: Fix long-standing race when setting alarm - rtc: interface: Ensure alarm irq is enabled when UIE is enabled - mmc: core: SPI mode remove cmd7 - mtd: rawnand: fsmc: Default to autodetect buswidth - sparc: fix error handling in scan_one_device() - sparc64: fix hugetlb for sun4u - sctp: Fix MAC comparison to be constant-time {CVE-2025-40204} - scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() - parisc: don't reference obsolete termio struct for TC* constants - lib/genalloc: fix device leak in of_gen_pool_get() - iio: frequency: adf4350: Fix prescaler usage. - iio: dac: ad5421: use int type to store negative error codes - iio: dac: ad5360: use int type to store negative error codes - crypto: atmel - Fix dma_unmap_sg() direction - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() {CVE-2025-40194} - drm/nouveau: fix bad ret code in nouveau_bo_move_prep - media: i2c: mt9v111: fix incorrect type for ret - firmware: meson_sm: fix device leak at probe - xen/manage: Fix suspend error path - arm64: dts: qcom: msm8916: Add missing MDSS reset - ACPI: debug: fix signedness issues in read/write helpers - ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT - tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single - tpm, tpm_tis: Claim locality before writing interrupt registers - crypto: essiv - Check ssize for decryption and in-place encryption {CVE-2025-40019} - mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes - mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call - tools build: Align warning options with perf - net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe - tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). {CVE-2025-40186} - net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() {CVE-2025-40187} - drm/vmwgfx: Fix Use-after-free in validation {CVE-2025-40111} - net/mlx4: prevent potential use after free in mlx4_en_do_uc_filter() - scsi: mvsas: Fix use-after-free bugs in mvs_work_queue {CVE-2025-40001} - scsi: mvsas: Use sas_task_find_rq() for tagging - scsi: mvsas: Delete mvs_tag_init() - scsi: libsas: Add sas_task_find_rq() - clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver - clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() - perf session: Fix handling when buffer exceeds 2 GiB - rtc: x1205: Fix Xicor X1205 vendor prefix - perf util: Fix compression checks returning -1 as bool - iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE - clocksource/drivers/clps711x: Fix resource leaks in error paths - pinctrl: check the return value of pinmux_ops::get_function_name() {CVE-2025-40030} - Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak {CVE-2025-40035} - mm: hugetlb: avoid soft lockup when mprotect to large memory area {CVE-2025-40153} - uio_hv_generic: Let userspace take care of interrupt mask {CVE-2025-40048} - Squashfs: fix uninit-value in squashfs_get_parent {CVE-2025-40049} - net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable - nfp: fix RSS hash key size when RSS is not supported - drivers/base/node: fix double free in register_one_node() - ocfs2: fix double free in user_cluster_connect() {CVE-2025-40055} - net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast {CVE-2025-40140} - RDMA/siw: Always report immediate post SQ errors - usb: vhci-hcd: Prevent suspending virtually attached devices - scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() {CVE-2025-40115} - ipvs: Defer ip_vs_ftp unregister during netns cleanup {CVE-2025-40018} - NFSv4.1: fix backchannel max_resp_sz verification check - remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice - sparc: fix accurate exception reporting in copy_{from,to}_user for M7 - sparc: fix accurate exception reporting in copy_to_user for Niagara 4 - sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara {CVE-2025-40112} - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III {CVE-2025-40124} - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC {CVE-2025-40126} - IB/sa: Fix sa_local_svc_timeout_ms read race - RDMA/core: Resolve MAC of next-hop device without ARP support - wifi: mt76: fix potential memory leak in mt76_wmac_probe() - drivers/base/node: handle error properly in register_one_node() - watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog - netfilter: ipset: Remove unused htable_bits in macro ahash_region - iio: consumers: Fix offset handling in iio_convert_raw_to_processed() - ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping {CVE-2025-40121} - ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping {CVE-2025-40154} - ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping - pps: fix warning in pps_register_cdev when register device fail {CVE-2025-40070} - misc: genwqe: Fix incorrect cmd field being reported in error - usb: gadget: configfs: Correctly set use_os_string at bind - usb: phy: twl6030: Fix incorrect type for ret - tcp: fix __tcp_close() to only send RST when required - PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation - wifi: mwifiex: send world regulatory domain to driver - ALSA: lx_core: use int type to store negative error codes - media: rj54n1cb0c: Fix memleak in rj54n1_probe() - scsi: myrs: Fix dma_alloc_coherent() error check - scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod {CVE-2025-40118} - serial: max310x: Add error checking in probe() - usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup {CVE-2025-40116} - drm/radeon/r600_cs: clean up of dead code in r600_cs - i2c: designware: Add disabling clocks when probe fails - i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD - bpf: Explicitly check accesses to bpf_sock_addr {CVE-2025-40078} - selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported - pwm: tiehrpwm: Fix corner case in clock divisor calculation - block: use int to store blk_stack_limits() return value - blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx {CVE-2025-40125} - pinctrl: meson-gxl: add missing i2c_d pinmux - soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS - ACPI: processor: idle: Fix memory leak when register cpuidle device failed - regmap: Remove superfluous check for !config in __regmap_init() - x86/vdso: Fix output operand size of RDPID - perf: arm_spe: Prevent overflow in PERF_IDX2OFF() {CVE-2025-40081} - driver core/PM: Set power.no_callbacks along with power.no_pm - staging: axis-fifo: flush RX FIFO on read errors - staging: axis-fifo: fix maximum TX packet length check - perf subcmd: avoid crash in exclude_cmds when excludes is empty - dm-integrity: limit MAX_TAG_SIZE to 255 - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 - USB: serial: option: add SIMCom 8230C compositions - media: rc: fix races with imon_disconnect() {CVE-2025-39993} - media: imon: grab lock earlier in imon_ir_change_protocol() - media: imon: reorganize serialization - media: rc: Add support for another iMON 0xffdc device - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe {CVE-2025-39995} - media: tuner: xc5000: Fix use-after-free in xc5000_release {CVE-2025-39994} - media: tunner: xc5000: Refactor firmware load - udp: Fix memory accounting leak. {CVE-2025-22058} - media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove {CVE-2025-39996} - scsi: target: target_core_configfs: Add length check to avoid buffer overflow {CVE-2025-39998} - LTS tag: v5.4.300 - KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active - mm/hugetlb: fix folio is still mapped when deleted {CVE-2025-40006} - i40e: add mask to apply valid bits for itr_idx - i40e: fix validation of VF state in get resources {CVE-2025-39969} - i40e: fix idx validation in config queues msg {CVE-2025-39971} - i40e: add validation for ring_len param {CVE-2025-39973} - i40e: increase max descriptors for XL710 - mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() {CVE-2025-21861} - fbcon: Fix OOB access in font allocation - fbcon: fix integer overflow in fbcon_do_set_font {CVE-2025-39967} - i40e: add max boundary check for VF filters {CVE-2025-39968} - i40e: fix input validation logic for action_meta {CVE-2025-39970} - i40e: fix idx validation in i40e_validate_queue_map {CVE-2025-39972} - drm/gma500: Fix null dereference in hdmi teardown {CVE-2025-40011} - can: peak_usb: fix shift-out-of-bounds issue {CVE-2025-40020} - can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow {CVE-2025-39985} - can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow {CVE-2025-39986} - can: hi311x: populate ndo_change_mtu() to prevent buffer overflow {CVE-2025-39987} - can: rcar_can: rcar_can_resume(): fix s2ram with PSCI - IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions - usb: core: Add 0x prefix to quirks debug output - ALSA: usb-audio: Fix build with CONFIG_INPUT=n - ALSA: usb-audio: Convert comma to semicolon - ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 - ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks - ALSA: usb-audio: Simplify NULL comparison in mixer_quirks - ALSA: usb-audio: Avoid multiple assignments in mixer_quirks - ALSA: usb-audio: Fix block comments in mixer_quirks - net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer {CVE-2025-39937} - net: rfkill: gpio: add DT support - serial: sc16is7xx: fix bug in flow control levels init - USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels - usb: gadget: dummy_hcd: remove usage of list iterator past the loop body - ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message - ASoC: wm8974: Correct PLL rate rounding - ASoC: wm8940: Correct typo in control name - mmc: mvsdio: Fix dma_unmap_sg() nents value - nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* - cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945} - net: liquidio: fix overflow in octeon_init_instr_queue() - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). {CVE-2025-39955} - i40e: remove redundant memory barrier when cleaning Tx descs - net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure - cgroup: split cgroup_destroy_wq into 3 workqueues {CVE-2025-39953} - pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch - wifi: mac80211: fix incorrect type for ret - ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory {CVE-2025-39883} - phy: ti-pipe3: fix device leak at unbind - dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees {CVE-2025-39923} - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map {CVE-2025-39869} - can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails - can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path {CVE-2025-39911} - i40e: Use irq_update_affinity_hint() - genirq: Provide new interfaces for affinity hints - genirq: Export affinity setter for modules - genirq/affinity: Add irq_update_affinity_desc() - igb: fix link test skipping when interface is admin down - net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() {CVE-2025-39876} - USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions - USB: serial: option: add Telit Cinterion FN990A w/audio compositions - tty: hvc_console: Call hvc_kick in hvc_write unconditionally - mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing - mtd: nand: raw: atmel: Fix comment in timings preparation - mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer {CVE-2025-39907} - mm/khugepaged: fix the address passed to notifier on testing young - fuse: prevent overflow in copy_file_range return value - fuse: check if copy_file_range() returns larger than requested size - mtd: rawnand: stm32_fmc2: fix ECC overwrite - ocfs2: fix recursive semaphore deadlock in fiemap call {CVE-2025-39885} - EDAC/altera: Delete an inappropriate dma_free_coherent() call - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. {CVE-2025-39913} - net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. {CVE-2025-23143} - device-dax: correct pgoff align in dax_set_mapping() {CVE-2024-50022} - Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" - KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer - rds: Free all frags when rds_ib_recv_cache_put() fails - bpf/bpf_get,set_sockopt: add option to set TCP-BPF sock ops flags - NFSv4: Don't clear capabilities that won't be reset - power: supply: bq27xxx: restrict no-battery detection to bq27000 - power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery - usb: hub: Fix flushing of delayed work used for post resume purposes - soc: qcom: mdt_loader: Deal with zero e_shentsize - Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" - LTS tag: v5.4.299 - scsi: lpfc: Fix buffer free/clear order in deferred receive path {CVE-2025-39841} - dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() - cifs: fix integer overflow in match_server() - spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort - spi: spi-fsl-lpspi: Set correct chip-select polarity bit - spi: spi-fsl-lpspi: Fix transmissions when using CONT - pcmcia: Add error handling for add_interval() in do_validate_mem() {CVE-2025-39920} - ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model - randstruct: gcc-plugin: Fix attribute addition - randstruct: gcc-plugin: Remove bogus void member - vmxnet3: update MTU after device quiesce - net: dsa: microchip: linearize skb for tail-tagging switches - net: dsa: microchip: update tag_ksz masks for KSZ9477 family - dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() - ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup - gpio: pca953x: fix IRQ storm on system wake up - iio: light: opt3001: fix deadlock due to concurrent flag access {CVE-2025-37968} - iio: chemical: pms7003: use aligned_s64 for timestamp - cpufreq/sched: Explicitly synchronize limits_changed flag handling - mm/slub: avoid accessing metadata when pointer is invalid in object_err() {CVE-2025-39902} - mm/khugepaged: fix ->anon_vma race {CVE-2023-52935} - e1000e: fix heap overflow in e1000_set_eeprom {CVE-2025-39898} - batman-adv: fix OOB read/write in network-coding decode {CVE-2025-39839} - drm/amdgpu: drop hw access in non-DC audio fini - wifi: mwifiex: Initialize the chan_stats array to zero {CVE-2025-39891} - pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() {CVE-2025-39846} - ALSA: usb-audio: Add mute TLV for playback volumes on some devices - ppp: fix memory leak in pad_compress_skb {CVE-2025-39847} - net: atm: fix memory leak in atm_register_sysfs when device_register fail - ax25: properly unshare skbs in ax25_kiss_rcv() {CVE-2025-39848} - ipv4: Fix NULL vs error pointer check in inet_blackhole_dev_init() - net: thunder_bgx: add a missing of_node_put - wifi: libertas: cap SSID len in lbs_associate() - wifi: cw1200: cap SSID length in cw1200_do_join() - net: ethernet: mtk_eth_soc: fix tx vlan tag for llc packets - i40e: Fix potential invalid access when MAC list is empty {CVE-2025-39853} - icmp: fix icmp_ndo_send address translation for reply direction - mISDN: Fix memory leak in dsp_hwec_enable() - xirc2ps_cs: fix register access when enabling FullDuplex - Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() {CVE-2025-39860} - netfilter: conntrack: helper: Replace -EEXIST by -EBUSY - wifi: cfg80211: fix use-after-free in cmp_bss() {CVE-2025-39864} - powerpc: boot: Remove leading zero in label in udelay() - hugetlbfs: take read_lock on i_mmap for PMD sharing - kallsyms: add module_kallsyms_on_each_symbol_locked - kallsyms: export module_kallsyms_on_each_symbol - clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns {CVE-2025-38499} - x86/vmscape: Warn when STIBP is disabled with SMT - x86/bugs: Move cpu_bugs_smt_update() down - x86/vmscape: Enable the mitigation - x86/vmscape: Add conditional IBPB mitigation - x86/vmscape: Add old Intel CPUs to affected list - x86/vmscape: Enumerate VMSCAPE bug - Documentation/hw-vuln: Add VMSCAPE documentation - LTS tag: v5.4.298 - Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS" - net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions - Revert "drm/amdgpu: fix incorrect vm flags to map bo" - HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() {CVE-2025-39808} - HID: wacom: Add a new Art Pen 2 - HID: asus: fix UAF via HID_CLAIMED_INPUT validation {CVE-2025-39824} - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare {CVE-2025-39817} - sctp: initialize more fields in sctp_v6_from_sk() {CVE-2025-39812} - net: stmmac: xgmac: Do not enable RX FIFO Overflow interrupts - net/mlx5e: Set local Xoff after FW update - net/mlx5e: Update and set Xon/Xoff upon port speed set - net/mlx5e: Update and set Xon/Xoff upon MTU set - net: dlink: fix multicast stats being counted incorrectly - atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). {CVE-2025-39828} - net/atm: remove the atmdev_ops {get, set}sockopt methods - Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced - powerpc/kvm: Fix ifdef to remove build warning - net: ipv4: fix regression in local-broadcast routes - vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() - scsi: core: sysfs: Correct sysfs attributes access rights - ftrace: Fix potential warning in trace_printk_seq during ftrace_dump {CVE-2025-39813} - pinctrl: STMFX: add missing HAS_IOMEM dependency - LTS tag: v5.4.297 - alloc_fdtable(): change calling conventions. - s390/hypfs: Enable limited access during lockdown - s390/hypfs: Avoid unnecessary ioctl registration in debugfs - ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation - net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate - net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit {CVE-2025-39766} - ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc - ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add - ALSA: usb-audio: Fix size validation in convert_chmap_v3() - scsi: qla4xxx: Prevent a potential error pointer dereference {CVE-2025-39676} - usb: xhci: Fix slot_id resource race conflict - nfs: fix UAF in direct writes {CVE-2024-26958} - NFS: Fix up commit deadlocks - cifs: Fix UAF in cifs_demultiplex_thread() {CVE-2023-52572} - Bluetooth: fix use-after-free in device_for_each_child() {CVE-2024-53237} - act_mirred: use the backlog for nested calls to mirred ingress {CVE-2022-4269} - net/sched: act_mirred: better wording on protection against excessive stack growth - net/sched: act_mirred: refactor the handle of xmit - selftests: forwarding: tc_actions.sh: add matchall mirror test - net: sched: don't expose action qstats to skb_tc_reinsert() - net: sched: extract qstats update code into functions - net: sched: extract bstats update code into function - net: sched: extract common action counters update code into function - mm: perform the mapping_map_writable() check after call_mmap() - mm: update memfd seal write check to include F_SEAL_WRITE - mm: drop the assumption that VM_SHARED always implies writable - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() {CVE-2025-37798} - sch_qfq: make qfq_qlen_notify() idempotent - sch_hfsc: make hfsc_qlen_notify() idempotent {CVE-2025-38177} - sch_drr: make drr_qlen_notify() idempotent - btrfs: populate otime when logging an inode item - media: venus: hfi: explicitly release IRQ during teardown - f2fs: fix to avoid out-of-boundary access in dnode page {CVE-2025-38677} - media: venus: protect against spurious interrupts during probe {CVE-2025-39709} - media: qcom: camss: cleanup media device allocated resource on error path - media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. - drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS - pwm: mediatek: Fix duty and period setting - pwm: mediatek: Handle hardware enable and clock enable separately - pwm: mediatek: Implement .apply() callback - media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() {CVE-2025-39713} - media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() - media: v4l2-ctrls: always copy the controls on completion - ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig - soc: qcom: mdt_loader: Ensure we don't read past the ELF header {CVE-2025-39787} - rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 - usb: musb: omap2430: fix device leak at unbind - NFS: Fix the setting of capabilities when automounting a new filesystem {CVE-2025-39798} - NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode() - NFSv4: Fix nfs4_bitmap_copy_adjust() - usb: typec: fusb302: cache PD RX state - cdc-acm: fix race between initial clearing halt and open - USB: cdc-acm: do not log successful probe on later errors - mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock {CVE-2025-39736} - mm/kmemleak: turn kmemleak_lock and object->lock to raw_spinlock_t - ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() - x86/fpu: Delay instruction pointer fixup until after warning - mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() {CVE-2025-38724} - pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov - tracing: Add down_write(trace_event_sem) when adding trace event {CVE-2025-38539} - usb: hub: Don't try to recover devices lost during warm reset. - usb: hub: avoid warm port reset during USB3 disconnect - x86/mce/amd: Add default names for MCA banks and blocks - iio: hid-sensor-prox: Fix incorrect OFFSET calculation - f2fs: fix to do sanity check on ino and xnid {CVE-2025-38347} - mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n - mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage() - drm/sched: Remove optimization that causes hang when killing dependent jobs - ice: Fix a null pointer dereference in ice_copy_and_init_pkg() {CVE-2025-38664} - net: usbnet: Fix the wrong netif_carrier_on() call - net: usbnet: Avoid potential RCU stall on LINK_CHANGE event - PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports - ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value {CVE-2022-50327} - comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large {CVE-2025-38481} - comedi: Fix initialization of data for instructions that write to subdevice {CVE-2025-38478} - kbuild: Add KBUILD_CPPFLAGS to as-option invocation - kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS - kbuild: Add CLANG_FLAGS to as-instr - mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation - kbuild: Update assembler calls to use proper flags and language target - ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS - usb: dwc3: Ignore late xferNotReady event to prevent halt timeout - USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles - usb: storage: realtek_cr: Use correct byte order for bcs->Residue - USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera - usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive - iio: proximity: isl29501: fix buffered read on big-endian systems - ftrace: Also allocate and copy hash for reading of filter files {CVE-2025-39689} - fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() - use uniform permission checks for all mount propagation changes - move_mount: allow to add a mount into an existing group - fs/buffer: fix use-after-free when call bh_read() helper {CVE-2025-39691} - drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs - drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 - memstick: Fix deadlock by moving removing flag earlier - media: venus: Add a check for packet size after reading from shared memory {CVE-2025-39710} - media: ov2659: Fix memory leaks in ov2659_probe() - media: usbtv: Lock resolution while streaming {CVE-2025-39714} - media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() - media: gspca: Add bounds checking to firmware parser - soc/tegra: pmc: Ensure power-domains are in a known state - jbd2: prevent softlockup in jbd2_log_do_checkpoint() {CVE-2025-39782} - PCI: endpoint: Fix configfs group removal on driver teardown - PCI: endpoint: Fix configfs group list head handling {CVE-2025-39783} - mtd: rawnand: fsmc: Add missing check after DMA map - pwm: imx-tpm: Reset counter if CMOD is 0 - wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() - zynq_fpga: use sgtable-based scatterlist wrappers - ata: libata-scsi: Fix ata_to_sense_error() status handling - ext4: fix reserved gdt blocks handling in fsmap - ext4: fix fsmap end of range reporting with bigalloc - ext4: check fast symlink for ea_inode correctly - vt: defkeymap: Map keycodes above 127 to K_HOLE - vt: keyboard: Don't process Unicode characters in K_OFF mode - usb: dwc3: meson-g12a: fix device leaks at unbind - usb: gadget: udc: renesas_usb3: fix device leak at unbind - usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() - m68k: Fix lost column on framebuffer debug console - cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() - serial: 8250: fix panic due to PSLVERR {CVE-2025-39724} - media: uvcvideo: Do not mark valid metadata as invalid - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680} - mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() {CVE-2025-39737} - parisc: Makefile: fix a typo in palo.conf - btrfs: fix log tree replay failure due to file with 0 links and extents - thunderbolt: Fix copy+paste error in match_service_id() - comedi: fix race between polling and detaching {CVE-2025-38687} - misc: rtsx: usb: Ensure mmc child device is active when card is present - drm/amdgpu: fix incorrect vm flags to map bo - scsi: lpfc: Remove redundant assignment to avoid memory leak - rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe - pNFS: Fix uninited ptr deref in block/scsi layout {CVE-2025-38691} - pNFS: Handle RPC size limit for layoutcommits - pNFS: Fix disk addr range check in block/scsi layout - pNFS: Fix stripe mapping in block/scsi layout - net: phy: smsc: add proper reset flags for LAN8710A - ipmi: Fix strcpy source and destination the same - kconfig: lxdialog: fix 'space' to (de)select options - kconfig: gconf: fix potential memory leak in renderer_edited() - kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() - ipmi: Use dev_warn_ratelimited() for incorrect message warnings - scsi: aacraid: Stop using PCI_IRQ_AFFINITY - scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans - kconfig: nconf: Ensure null termination where strncpy is used - kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c - i3c: don't fail if GETHDRCAP is unsupported - PCI: pnv_php: Work around switches with broken presence detection - i3c: add missing include to internal header - media: uvcvideo: Fix bandwidth issue for Alcor camera - media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar {CVE-2025-38693} - media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() {CVE-2025-38694} - media: usb: hdpvr: disable zero-length read messages - media: tc358743: Increase FIFO trigger level to 374 - media: tc358743: Return an appropriate colorspace from tc358743_set_fmt - media: tc358743: Check I2C succeeded during probe - pinctrl: stm32: Manage irq affinity settings - scsi: mpt3sas: Correctly handle ATA device errors - scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure {CVE-2025-38695} - RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() {CVE-2025-39742} - MIPS: Don't crash in stack_top() for tasks without ABI or vDSO {CVE-2025-38696} - jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697} - jfs: Regular file corruption check {CVE-2025-38698} - jfs: truncate good inode pages when hard link is 0 {CVE-2025-39743} - scsi: bfa: Double-free fix {CVE-2025-38699} - MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} - watchdog: dw_wdt: Fix default timeout - fs/orangefs: use snprintf() instead of sprintf() - scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated {CVE-2025-38700} - ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr {CVE-2025-38701} - cifs: Fix calling CIFSFindFirst() for root path without msearch - vhost: fail early when __vhost_add_used() fails - net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325 - uapi: in6: restore visibility of most IPv6 socket options - net: ncsi: Fix buffer overflow in fetching version id - net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 - net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 - net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs - wifi: iwlegacy: Check rate_idx range after addition - netmem: fix skb_frag_address_safe with unreadable skbs - wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. - wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect - wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() - net: fec: allow disable coalescing - (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer - s390/stp: Remove udelay from stp_sync_clock() - wifi: iwlwifi: mvm: fix scan request validation - net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() - net: ipv4: fix incorrect MTU in broadcast routes - wifi: cfg80211: Fix interface type validation - rcu: Protect ->defer_qs_iw_pending from data race {CVE-2025-39749} - net: ag71xx: Add missing check after DMA map - et131x: Add missing check after DMA map - be2net: Use correct byte order and format string for TCP seq and ack_seq - s390/time: Use monotonic clock in get_cycles() - wifi: cfg80211: reject HTC bit for management frames - ktest.pl: Prevent recursion of default variable options - ASoC: codecs: rt5640: Retry DEVICE_ID verification - ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751} - platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches - pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() - usb: core: usb_submit_urb: downgrade type check - ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 - ASoC: hdac_hdmi: Rate limit logging on connection and disconnection - mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() - ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path - ACPI: processor: fix acpi_object initialization - PM: sleep: console: Fix the black screen issue - thermal: sysfs: Return ENODATA instead of EAGAIN for reads - PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() - selftests: tracing: Use mutex_unlock for testing glob filter - ARM: tegra: Use I/O memcpy to write to IRAM {CVE-2025-39794} - gpio: tps65912: check the return value of regmap_update_bits() - ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed - ARM: rockchip: fix kernel hang during smp initialization {CVE-2025-39752} - cpufreq: Exit governor when failed to start old governor - usb: xhci: Avoid showing errors during surprise removal - usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command - usb: xhci: Avoid showing warnings for dying controller - selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t - usb: xhci: print xhci->xhc_state when queue_command failed - securityfs: don't pin dentries twice, once is enough... - hfs: fix not erasing deleted b-tree node issue - drbd: add missing kref_get in handle_write_conflicts {CVE-2025-38708} - udf: Verify partition map count - arm64: Handle KCOV __init vs inline mismatches - hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() {CVE-2025-38712} - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() {CVE-2025-40082} - hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() {CVE-2025-38714} - hfs: fix slab-out-of-bounds in hfs_bnode_read() {CVE-2025-38715} - sctp: linearize cloned gso packets in sctp_rcv {CVE-2025-38718} - netfilter: ctnetlink: fix refcount leak on table dump {CVE-2025-38721} - udp: also consider secpath when evaluating ipsec use for checksumming - ACPI: processor: perflib: Move problematic pr->performance check {CVE-2025-39799} - ACPI: processor: perflib: Fix initial _PPC limit application - Documentation: ACPI: Fix parent device references - fs: Prevent file descriptor table allocations exceeding INT_MAX {CVE-2025-39756} - sunvdc: Balance device refcount in vdc_port_mpgroup_check - NFSD: detect mismatch of file handle and delegation stateid in OPEN op - net: dpaa: fix device leak when querying time stamp info - net: gianfar: fix device leak when querying time stamp info - netlink: avoid infinite retry looping in netlink_unicast() {CVE-2025-38727} - ALSA: usb-audio: Validate UAC3 cluster segment descriptors {CVE-2025-39757} - ALSA: usb-audio: Validate UAC3 power domain descriptors, too {CVE-2025-38729} - io_uring: don't use int for ABI - usb: gadget : fix use-after-free in composite_dev_cleanup() {CVE-2025-38555} - MIPS: mm: tlb-r4k: Uniquify TLB entries on init - USB: serial: option: add Foxconn T99W709 - vsock: Do not allow binding to VMADDR_PORT_ANY {CVE-2025-38618} - net/packet: fix a race in packet_set_ring() and packet_notifier() {CVE-2025-38617} - perf/core: Prevent VMA split of buffer mappings {CVE-2025-38563} - perf/core: Exit early on perf_mmap() fail {CVE-2025-38565} - perf/core: Don't leak AUX buffer refcount on allocation failure - pptp: fix pptp_xmit() error path - smb: client: let recv_done() cleanup before notifying the callers. - benet: fix BUG when creating VFs {CVE-2025-38569} - net: drop UFO packets in udp_rcv_segment() {CVE-2025-38622} - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572} - pptp: ensure minimal skb length in pptp_xmit() {CVE-2025-38574} - netpoll: prevent hanging NAPI when netcons gets enabled - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() {CVE-2025-39730} - pci/hotplug/pnv-php: Wrap warnings in macro - pci/hotplug/pnv-php: Improve error msg on power state change failure - usb: chipidea: udc: fix sleeping function called from invalid context - f2fs: fix to avoid out-of-boundary access in devs.path {CVE-2025-38652} - f2fs: fix to avoid panic in f2fs_evict_inode {CVE-2025-38577} - f2fs: fix to avoid UAF in f2fs_sync_inode_meta() {CVE-2025-38578} - rtc: pcf8563: fix incorrect maximum clock rate handling - rtc: hym8563: fix incorrect maximum clock rate handling - rtc: ds1307: fix incorrect maximum clock rate handling - module: Restore the moduleparam prefix length check - bpf: Check flow_dissector ctx accesses are aligned - mtd: rawnand: atmel: set pmecc data setup time - mtd: rawnand: atmel: Fix dma_mapping_error() address - jfs: fix metapage reference count leak in dbAllocCtl - fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref {CVE-2025-38630} - crypto: qat - fix seq_file position update in adf_ring_next() - dmaengine: nbpfaxi: Add missing check after DMA map - dmaengine: mv_xor: Fix missing check after DMA map and missing unmap - fs/orangefs: Allow 2 more characters in do_c_string() - soundwire: stream: restore params when prepare ports fail - crypto: img-hash - Fix dma_unmap_sg() nents value - hwrng: mtk - handle devm_pm_runtime_enable errors - watchdog: ziirave_wdt: check record length in ziirave_firm_verify() - scsi: isci: Fix dma_unmap_sg() nents value - scsi: mvsas: Fix dma_unmap_sg() nents value - scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value - clk: sunxi-ng: v3s: Fix de clock definition - perf tests bp_account: Fix leaked file descriptor - crypto: ccp - Fix crash when rebind ccp device for ccp.ko {CVE-2025-38581} - pinctrl: sunxi: Fix memory leak on krealloc failure - power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set - clk: davinci: Add NULL check in davinci_lpsc_clk_register() {CVE-2025-38635} - mtd: fix possible integer overflow in erase_xfer() - crypto: marvell/cesa - Fix engine load inaccuracy - PCI: rockchip-host: Fix "Unexpected Completion" log message - vrf: Drop existing dst reference in vrf_ip6_input_dst - selftests: rtnetlink.sh: remove esp4_offload after test - netfilter: xt_nfacct: don't assume acct name is null-terminated {CVE-2025-38639} - can: kvaser_usb: Assign netdev.dev_port based on device channel index - can: kvaser_pciefd: Store device channel index - wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE - mwl8k: Add missing check after DMA map - wifi: rtl8xxxu: Fix RX skb size for aggregation disabled - net/sched: Restrict conditions for adding duplicating netems to qdisc tree {CVE-2025-38553} - arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX - drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value - m68k: Don't unregister boot console needlessly - tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range - iwlwifi: Add missing check for alloc_ordered_workqueue {CVE-2025-38656} - wifi: iwlwifi: Fix memory leak in iwl_mvm_init() - wifi: rtl818x: Kill URBs before clearing tx status queue {CVE-2025-38604} - caif: reduce stack size, again - bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure - bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls {CVE-2025-38608} - staging: nvec: Fix incorrect null termination of battery manufacturer - samples: mei: Fix building on musl libc - cpufreq: Init policy->rwsem before it may be possibly used - ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface - usb: early: xhci-dbc: Fix early_ioremap leak - Revert "vmci: Prevent the dispatching of uninitialized payloads" {CVE-2025-38611} - pps: fix poll support - vmci: Prevent the dispatching of uninitialized payloads {CVE-2025-38611} - staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() {CVE-2025-38612} - ARM: dts: vfxxx: Correctly use two tuples for timer address - hfsplus: remove mutex_lock check in hfsplus_free_extents {CVE-2025-38650} - ASoC: Intel: fix SND_SOC_SOF dependencies - ethernet: intel: fix building with large NR_CPUS - usb: phy: mxs: disconnect line when USB charger is attached - usb: chipidea: add USB PHY event - usb: chipidea: introduce CI_HDRC_CONTROLLER_VBUS_EVENT glue layer use - usb: chipidea: udc: protect usb interrupt enable - usb: chipidea: udc: add new API ci_hdrc_gadget_connect - ALSA: hda: Add missing NVIDIA HDA codec IDs - comedi: comedi_test: Fix possible deletion of uninitialized timers - nilfs2: reject invalid file types when reading inodes {CVE-2025-38663} - i2c: qup: jump out of the loop in case of timeout {CVE-2025-38671} - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class - net: appletalk: Fix use-after-free in AARP proxy probe {CVE-2025-38666} - net: appletalk: fix kerneldoc warnings - RDMA/core: Rate limit GID cache warning messages - regulator: core: fix NULL dereference on unbind due to stale coupling data {CVE-2025-38668} - usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm - usb: hub: fix detection of high tier USB3 devices behind suspended hubs - net_sched: sch_sfq: reject invalid perturb period {CVE-2025-38193} - power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition {CVE-2023-33288} - power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of pm_runtime_get_sync - power: supply: bq24190_charger: Fix runtime PM imbalance on error - xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS - virtio-net: ensure the received length does not exceed allocated size {CVE-2025-38375} - ASoC: fsl_sai: Force a software reset when starting in consumer mode - usb: dwc3: qcom: Don't leave BCR asserted - usb: musb: fix gadget state on disconnect - net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree {CVE-2025-38468} - net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime {CVE-2025-38470} - Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU - Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout - Bluetooth: SMP: If an unallowed command is received consider it a failure - Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() {CVE-2025-38473} - usb: net: sierra: check for no status endpoint {CVE-2025-38474} - net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477} - net: emaclite: Fix missing pointer increment in aligned_read() - comedi: Fix use of uninitialized data in insn_rw_emulate_bits() {CVE-2025-38480} - comedi: Fix some signed shift left operations - comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482} - comedi: das16m1: Fix bit shift out of bounds {CVE-2025-38483} - comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529} - comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530} - iio: adc: stm32-adc: Fix race in installing chained IRQ handler - iio: adc: max1363: Reorder mode_list[] entries - iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] - soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled {CVE-2025-38487} - soc: aspeed: lpc-snoop: Cleanup resources in stack-order - mmc: sdhci_am654: Workaround for Errata i2312 - mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models - mmc: bcm2835: Fix dma_unmap_sg() nents value - memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() - isofs: Verify inode mode when loading from disk - dmaengine: nbpfaxi: Fix memory corruption in probe() {CVE-2025-38538} - af_packet: fix soft lockup issue caused by tpacket_snd() - af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() - phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept() - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} - HID: core: ensure __hid_request reserves the report ID as the first byte - HID: core: ensure the allocated report buffer can contain the reserved report ID {CVE-2025-38495} - pch_uart: Fix dma_sync_sg_for_device() nents value - Input: xpad - set correct controller type for Acer NGR200 - i2c: stm32: fix the device used for the DMA map - usb: gadget: configfs: Fix OOB read on empty string write {CVE-2025-38497} - USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI - USB: serial: option: add Foxconn T99W640 - USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition - LTS tag: v5.4.296 - x86/mm: Disable hugetlb page table sharing on 32-bit - Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID - HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras {CVE-2025-38540} - HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY - vt: add missing notification when switching back to text mode - net: usb: qmi_wwan: add SIMCom 8230C composition - atm: idt77252: Add missing `dma_map_error()` - bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT {CVE-2025-38439} - bnxt_en: Fix DCB ETS validation - can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level - net: phy: microchip: limit 100M workaround to link-down events on LAN88xx - net: appletalk: Fix device refcount leak in atrtr_create() {CVE-2025-38542} - md/raid1: Fix stack memory use after return in raid1_reshape {CVE-2025-38445} - wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() {CVE-2025-38513} - dma-buf: fix timeout handling in dma_resv_wait_timeout v2 - Input: xpad - support Acer NGR 200 Controller - Input: xpad - add VID for Turtle Beach controllers - Input: xpad - add support for Amazon Game Controller - NFSv4/flexfiles: Fix handling of NFS level errors in I/O - flexfiles/pNFS: update stats on NFS4ERR_DELAY for v4.1 DSes - RDMA/mlx5: Fix vport loopback for MPV device - netlink: Fix rmem check in netlink_broadcast_deliver(). - netlink: make sure we allow at least one dump skb - Revert "ACPI: battery: negate current when discharging" - usb: gadget: u_serial: Fix race condition in TTY wakeup {CVE-2025-38448} - drm/sched: Increment job count before swapping tail spsc queue {CVE-2025-38515} - pinctrl: qcom: msm: mark certain pins as invalid for interrupts {CVE-2025-38516} - x86/mce: Make sure CMCI banks are cleared during shutdown on Intel - x86/mce: Don't remove sysfs if thresholding sysfs init fails - x86/mce/amd: Fix threshold limit reset - rxrpc: Fix oops due to non-existence of prealloc backlog struct {CVE-2025-38514} - net/sched: Abort __tc_modify_qdisc if parent class does not exist {CVE-2025-38457} - atm: clip: Fix NULL pointer dereference in vcc_sendmsg() {CVE-2025-38458} - atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459} - atm: clip: Fix memory leak of struct clip_vcc. {CVE-2025-38546} - atm: clip: Fix potential null-ptr-deref in to_atmarpd(). {CVE-2025-38460} - tipc: Fix use-after-free in tipc_conn_close(). {CVE-2025-38464} - netlink: Fix wraparounds of sk->sk_rmem_alloc. {CVE-2025-38465} - fix proc_sys_compare() handling of in-lookup dentries - proc: Clear the pieces of proc_inode that proc_evict_inode cares about - drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling {CVE-2025-38467} - staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() - media: uvcvideo: Rollback non processed entities on error - media: uvcvideo: Send control events for partial succeeds - media: uvcvideo: Return the number of processed controls - ACPI: PAD: fix crash in exit_round_robin() {CVE-2024-49935} - usb: typec: displayport: Fix potential deadlock {CVE-2025-38404} - Logitech C-270 even more broken - rose: fix dangling neighbour pointers in rose_rt_device_down() {CVE-2025-38377} - net: rose: Fix fall-through warnings for Clang - drm/i915/gt: Fix timeline left held on VMA alloc error {CVE-2025-38389} - drm/i915/selftests: Change mock_request() to return error pointers - spi: spi-fsl-dspi: Clear completion counter before initiating transfer - spi: spi-fsl-dspi: Fix interrupt-less DMA mode taking an XSPI code path - spi: spi-fsl-dspi: Rename fifo_{read,write} and {tx,cmd}_fifo_write - dpaa2-eth: fix xdp_rxq_info leak - ethernet: atl1: Add missing DMA mapping error checks and count errors - btrfs: use btrfs_record_snapshot_destroy() during rmdir - btrfs: propagate last_unlink_trans earlier when doing a rmdir - RDMA/mlx5: Fix CC counters query for MPV - RDMA/core: Create and destroy counters in the ib_core - scsi: ufs: core: Fix spelling of a sysfs attribute name - drm/v3d: Disable interrupts before resetting the GPU {CVE-2025-38371} - mtk-sd: reset host->mrq on prepare_data() error - mtk-sd: Prevent memory corruption from DMA map failure {CVE-2025-38401} - mmc: mediatek: use data instead of mrq parameter from msdc_{un}prepare_data() - regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods {CVE-2025-38395} - regulator: gpio: Add input_supply support in gpio_regulator_config - ACPICA: Refuse to evaluate a method if arguments are missing {CVE-2025-38386} - wifi: ath6kl: remove WARN on bad firmware input {CVE-2025-38406} - wifi: mac80211: drop invalid source address OCB frames - powerpc: Fix struct termio related ioctl macros - ata: pata_cs5536: fix build on 32-bit UML - ALSA: sb: Force to disable DMAs once when DMA mode is changed - nui: Fix dma_mapping_error() check - enic: fix incorrect MTU comparison in enic_change_mtu() - amd-xgbe: align CL37 AN sequence as per databook - lib: test_objagg: Set error message in check_expect_hints_stats() - drm/exynos: fimd: Guard display clock control with runtime PM calls - btrfs: fix missing error handling when searching for inode refs during log replay - scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() - nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. {CVE-2025-38400} - RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert {CVE-2025-38387} - platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment - mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data - usb: typec: altmodes/displayport: do not index invalid pin_assignments {CVE-2025-38391} - mmc: sdhci: Add a helper function for dump register in dynamic debug mode - vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403} - btrfs: don't abort filesystem when attempting to snapshot deleted subvolume {CVE-2024-26644} - arm64: Restrict pagetable teardown to avoid false warning - s390: Add '-std=gnu11' to decompressor and purgatory CFLAGS - drm/bridge: cdns-dsi: Check return value when getting default PHY config - drm/bridge: cdns-dsi: Fix connecting to next bridge - drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() - drm/tegra: Assign plane type before registration - HID: wacom: fix kobject reference count leak - HID: wacom: fix memory leak on sysfs attribute creation failure - HID: wacom: fix memory leak on kobject creation failure - dm-raid: fix variable in journal device check - Bluetooth: L2CAP: Fix L2CAP MTU negotiation - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} - net: enetc: Correct endianness handling in _enetc_rd_reg64 - um: ubd: Add missing error check in start_io_thread() - vsock/uapi: fix linux/vm_sockets.h userspace compilation errors - wifi: mac80211: fix beacon interval calculation overflow - attach_recursive_mnt(): do not lock the covering tree when sliding something under it - ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() {CVE-2025-38249} - i2c: robotfuzz-osif: disable zero-length read messages - i2c: tiny-usb: disable zero-length read messages - RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction {CVE-2025-38211} - RDMA/core: Use refcount_t instead of atomic_t on refcount of iwcm_id_private - media: vivid: Change the siize of the composing {CVE-2025-38226} - media: omap3isp: use sgtable-based scatterlist wrappers - media: cxusb: no longer judge rbuf when the write fails {CVE-2025-38229} - media: cxusb: use dev_dbg() rather than hand-rolled debug - jfs: validate AG parameters in dbMount() to prevent crashes {CVE-2025-38230} - fs/jfs: consolidate sanity checking in dbMount - ASoC: meson: meson-card-utils: use of_property_present() for DT parsing - of: Add of_property_present() helper - of: property: define of_property_read_u{8,16,32,64}_array() unconditionally - kbuild: hdrcheck: fix cross build with clang - kbuild: add --target to correctly cross-compile UAPI headers with Clang - bpfilter: match bit size of bpfilter_umh to that of the kernel - kbuild: use -MMD instead of -MD to exclude system headers from dependency - VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify {CVE-2025-38102} - VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF {CVE-2023-53259} - ovl: Check for NULL d_inode() in ovl_dentry_upper() - ceph: fix possible integer overflow in ceph_zero_objects() - ALSA: hda: Ignore unsol events for cards being shut down - usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode {CVE-2025-38404} - usb: cdc-wdm: avoid setting WDM_READ for ZLP-s - usb: Add checks for snprintf() calls in usb_alloc_dev() - tty: serial: uartlite: register uart driver in init {CVE-2025-38262} - usb: potential integer overflow in usbg_make_tpg() - iio: pressure: zpa2326: Use aligned_s64 for the timestamp - md/md-bitmap: fix dm-raid max_write_behind setting - dmaengine: xilinx_dma: Set dma_device directions - mfd: max14577: Fix wakeup source leaks on device unbind - mailbox: Not protect module_put with spin_lock_irqsave - cifs: Fix cifs_query_path_info() for Windows NT servers - net/rds: Fix rs_recv_pending counting issue - LTS tag: v5.4.301 - net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg - media: s5p-mfc: remove an unused/uninitialized variable - NFSD: Fix last write offset handling in layoutcommit - NFSD: Minor cleanup in layoutcommit processing - padata: Reset next CPU when reorder sequence wraps around - KEYS: trusted_tpm1: Compare HMAC values in constant time - NFSD: Define a proc_layoutcommit for the FlexFiles layout type - vfs: Don't leak disconnected dentries on umount - jbd2: ensure that all ongoing I/O complete before freeing blocks - ext4: detect invalid INLINE_DATA + EXTENTS flag combination - drm/amdgpu: use atomic functions with memory barriers for vm fault info - ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() - spi: cadence-quadspi: Flush posted register writes before DAC access - spi: cadence-quadspi: Flush posted register writes before INDAC access - memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe - memory: samsung: exynos-srom: Correct alignment - arm64: errata: Apply workarounds for Neoverse-V3AE - arm64: cputype: Add Neoverse-V3AE definitions - comedi: fix divide-by-zero in comedi_buf_munge() - binder: remove "invalid inc weak" check - xhci: dbc: enable back DbC in resume if it was enabled before suspend - usb/core/quirks: Add Huawei ME906S to wakeup quirk - USB: serial: option: add Telit FN920C04 ECM compositions - USB: serial: option: add Quectel RG255C - USB: serial: option: add UNISOC UIS7720 - net: ravb: Ensure memory write completes before ringing TX doorbell - net: usb: rtl8150: Fix frame padding - ocfs2: clear extent cache after moving/defragmenting extents - MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering - Revert "cpuidle: menu: Avoid discarding useful information" - net: bonding: fix possible peer notify event loss or dup issue - sctp: avoid NULL dereference when chunk data buffer is missing - arm64, mm: avoid always making PTE dirty in pte_mkwrite() - net: enetc: correct the value of ENETC_RXB_TRUESIZE - rtnetlink: Allow deleting FDB entries in user namespace - net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del - net: add ndo_fdb_del_bulk - net: rtnetlink: add bulk delete support flag - net: netlink: add NLM_F_BULK delete request modifier - net: rtnetlink: use BIT for flag values - net: rtnetlink: add helper to extract msg type's kind - net: rtnetlink: add msg kind names - net: rtnetlink: remove redundant assignment to variable err - m68k: bitops: Fix find_*_bit() signatures - hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() - hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() - dlm: check for defined force value in dlm_lockspace_release - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() - hfs: validate record offset in hfsplus_bmap_alloc - hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() - hfs: make proper initalization of struct hfs_find_data - hfs: clear offset and space out of valid records in b-tree node - exec: Fix incorrect type for ret - hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() - ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings - sched/fair: Fix pelt lost idle time detection - sched/balancing: Rename newidle_balance() => sched_balance_newidle() - sched/fair: Trivial correction of the newidle_balance() comment - sched: Make newidle_balance() static again - tls: don't rely on tx_work during send() - tls: always set record_type in tls_process_cmsg - tg3: prevent use of uninitialized remote_adv and local_adv variables - tcp: fix tcp_tso_should_defer() vs large RTT - amd-xgbe: Avoid spurious link down messages during interface toggle - net/ip6_tunnel: Prevent perpetual tunnel growth - net: dlink: handle dma_map_single() failure properly - net: dl2k: switch from 'pci_' to 'dma_' API - media: pci: ivtv: Add missing check after DMA map - media: pci/ivtv: switch from 'pci_' to 'dma_' API - xen/events: Update virq_to_irq on migration - media: lirc: Fix error handling in lirc_register() - media: rc: Directly use ida_free() - drm/exynos: exynos7_drm_decon: remove ctx->suspended - btrfs: avoid potential out-of-bounds in btrfs_encode_fh() - pwm: berlin: Fix wrong register in suspend/resume - media: cx18: Add missing check after DMA map - xen/events: Cleanup find_virq() return codes - cramfs: Verify inode mode when loading from disk - fs: Add 'initramfs_options' to set initramfs mount options - pid: Add a judgment for ns null in pid_nr_ns - minixfs: Verify inode mode when loading from disk - tracing: Fix race condition in kprobe initialization causing NULL pointer dereference - dm: fix NULL pointer dereference in __dm_suspend() - mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag - mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type - mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value - Squashfs: reject negative file sizes in squashfs_read_inode() - Squashfs: add additional inode sanity checking - media: mc: Clear minor number before put device - mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() - fs: udf: fix OOB read in lengthAllocDescs handling - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O - net/9p: fix double req put in p9_fd_cancelled - ext4: guard against EA inode refcount underflow in xattr update - ext4: correctly handle queries for metadata mappings - ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() - nfsd: nfserr_jukebox in nlm_fopen should lead to a retry - x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) - x86/umip: Check that the instruction opcode is at least two bytes - PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit - PCI/AER: Fix missing uevent on recovery when a reset is requested - PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV - rseq/selftests: Use weak symbol reference, not definition, to link with glibc - rtc: interface: Fix long-standing race when setting alarm - rtc: interface: Ensure alarm irq is enabled when UIE is enabled - mmc: core: SPI mode remove cmd7 - mtd: rawnand: fsmc: Default to autodetect buswidth - sparc: fix error handling in scan_one_device() - sparc64: fix hugetlb for sun4u - sctp: Fix MAC comparison to be constant-time - scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() - parisc: don't reference obsolete termio struct for TC* constants - lib/genalloc: fix device leak in of_gen_pool_get() - iio: frequency: adf4350: Fix prescaler usage. - iio: dac: ad5421: use int type to store negative error codes - iio: dac: ad5360: use int type to store negative error codes - crypto: atmel - Fix dma_unmap_sg() direction - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() - drm/nouveau: fix bad ret code in nouveau_bo_move_prep - media: i2c: mt9v111: fix incorrect type for ret - firmware: meson_sm: fix device leak at probe - xen/manage: Fix suspend error path - arm64: dts: qcom: msm8916: Add missing MDSS reset - ACPI: debug: fix signedness issues in read/write helpers - ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT - tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single - tpm, tpm_tis: Claim locality before writing interrupt registers - crypto: essiv - Check ssize for decryption and in-place encryption - mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes - mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call - tools build: Align warning options with perf - net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe - tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). - net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() - drm/vmwgfx: Fix Use-after-free in validation - net/mlx4: prevent potential use after free in mlx4_en_do_uc_filter() - scsi: mvsas: Fix use-after-free bugs in mvs_work_queue - scsi: mvsas: Use sas_task_find_rq() for tagging - scsi: mvsas: Delete mvs_tag_init() - scsi: libsas: Add sas_task_find_rq() - clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver - clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() - perf session: Fix handling when buffer exceeds 2 GiB - rtc: x1205: Fix Xicor X1205 vendor prefix - perf util: Fix compression checks returning -1 as bool - iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE - clocksource/drivers/clps711x: Fix resource leaks in error paths - pinctrl: check the return value of pinmux_ops::get_function_name() - Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak - mm: hugetlb: avoid soft lockup when mprotect to large memory area - uio_hv_generic: Let userspace take care of interrupt mask - Squashfs: fix uninit-value in squashfs_get_parent - net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable - nfp: fix RSS hash key size when RSS is not supported - drivers/base/node: fix double free in register_one_node() - ocfs2: fix double free in user_cluster_connect() - net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast - RDMA/siw: Always report immediate post SQ errors - usb: vhci-hcd: Prevent suspending virtually attached devices - scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() - ipvs: Defer ip_vs_ftp unregister during netns cleanup - NFSv4.1: fix backchannel max_resp_sz verification check - remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice - sparc: fix accurate exception reporting in copy_{from,to}_user for M7 - sparc: fix accurate exception reporting in copy_to_user for Niagara 4 - sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC - IB/sa: Fix sa_local_svc_timeout_ms read race - RDMA/core: Resolve MAC of next-hop device without ARP support - wifi: mt76: fix potential memory leak in mt76_wmac_probe() - drivers/base/node: handle error properly in register_one_node() - watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog - netfilter: ipset: Remove unused htable_bits in macro ahash_region - iio: consumers: Fix offset handling in iio_convert_raw_to_processed() - ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping - ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping - ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping - pps: fix warning in pps_register_cdev when register device fail - misc: genwqe: Fix incorrect cmd field being reported in error - usb: gadget: configfs: Correctly set use_os_string at bind - usb: phy: twl6030: Fix incorrect type for ret - tcp: fix __tcp_close() to only send RST when required - PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation - wifi: mwifiex: send world regulatory domain to driver - ALSA: lx_core: use int type to store negative error codes - media: rj54n1cb0c: Fix memleak in rj54n1_probe() - scsi: myrs: Fix dma_alloc_coherent() error check - scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod - serial: max310x: Add error checking in probe() - usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup - drm/radeon/r600_cs: clean up of dead code in r600_cs - i2c: designware: Add disabling clocks when probe fails - i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD - bpf: Explicitly check accesses to bpf_sock_addr - selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported - pwm: tiehrpwm: Fix corner case in clock divisor calculation - block: use int to store blk_stack_limits() return value - blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx - pinctrl: meson-gxl: add missing i2c_d pinmux - soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS - ACPI: processor: idle: Fix memory leak when register cpuidle device failed - regmap: Remove superfluous check for !config in __regmap_init() - x86/vdso: Fix output operand size of RDPID - perf: arm_spe: Prevent overflow in PERF_IDX2OFF() - driver core/PM: Set power.no_callbacks along with power.no_pm - staging: axis-fifo: flush RX FIFO on read errors - staging: axis-fifo: fix maximum TX packet length check - perf subcmd: avoid crash in exclude_cmds when excludes is empty - dm-integrity: limit MAX_TAG_SIZE to 255 - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 - USB: serial: option: add SIMCom 8230C compositions - media: rc: fix races with imon_disconnect() - media: imon: grab lock earlier in imon_ir_change_protocol() - media: imon: reorganize serialization - media: rc: Add support for another iMON 0xffdc device - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe - media: tuner: xc5000: Fix use-after-free in xc5000_release - media: tunner: xc5000: Refactor firmware load - udp: Fix memory accounting leak. - media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove - scsi: target: target_core_configfs: Add length check to avoid buffer overflow - LTS tag: v5.4.300 - KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active - mm/hugetlb: fix folio is still mapped when deleted - i40e: add mask to apply valid bits for itr_idx - i40e: fix validation of VF state in get resources - i40e: fix idx validation in config queues msg - i40e: add validation for ring_len param - i40e: increase max descriptors for XL710 - mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() - fbcon: Fix OOB access in font allocation - fbcon: fix integer overflow in fbcon_do_set_font - i40e: add max boundary check for VF filters - i40e: fix input validation logic for action_meta - i40e: fix idx validation in i40e_validate_queue_map - drm/gma500: Fix null dereference in hdmi teardown - can: peak_usb: fix shift-out-of-bounds issue - can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow - can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow - can: hi311x: populate ndo_change_mtu() to prevent buffer overflow - can: rcar_can: rcar_can_resume(): fix s2ram with PSCI - IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions - usb: core: Add 0x prefix to quirks debug output - ALSA: usb-audio: Fix build with CONFIG_INPUT=n - ALSA: usb-audio: Convert comma to semicolon - ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 - ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks - ALSA: usb-audio: Simplify NULL comparison in mixer_quirks - ALSA: usb-audio: Avoid multiple assignments in mixer_quirks - ALSA: usb-audio: Fix block comments in mixer_quirks - net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer - net: rfkill: gpio: add DT support - serial: sc16is7xx: fix bug in flow control levels init - USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels - usb: gadget: dummy_hcd: remove usage of list iterator past the loop body - ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message - ASoC: wm8974: Correct PLL rate rounding - ASoC: wm8940: Correct typo in control name - mmc: mvsdio: Fix dma_unmap_sg() nents value - nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* - cnic: Fix use-after-free bugs in cnic_delete_task - net: liquidio: fix overflow in octeon_init_instr_queue() - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). - i40e: remove redundant memory barrier when cleaning Tx descs - net: natsemi: fix `rx_dropped` double accounting on `netif_rx()` failure - cgroup: split cgroup_destroy_wq into 3 workqueues - pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch - wifi: mac80211: fix incorrect type for ret - ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory - phy: ti-pipe3: fix device leak at unbind - dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map - can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails - can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path - i40e: Use irq_update_affinity_hint() - genirq: Provide new interfaces for affinity hints - genirq: Export affinity setter for modules - genirq/affinity: Add irq_update_affinity_desc() - igb: fix link test skipping when interface is admin down - net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() - USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions - USB: serial: option: add Telit Cinterion FN990A w/audio compositions - tty: hvc_console: Call hvc_kick in hvc_write unconditionally - mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing - mtd: nand: raw: atmel: Fix comment in timings preparation - mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer - mm/khugepaged: fix the address passed to notifier on testing young - fuse: prevent overflow in copy_file_range return value - fuse: check if copy_file_range() returns larger than requested size - mtd: rawnand: stm32_fmc2: fix ECC overwrite - ocfs2: fix recursive semaphore deadlock in fiemap call - EDAC/altera: Delete an inappropriate dma_free_coherent() call - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. - net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. - device-dax: correct pgoff align in dax_set_mapping() {CVE-2024-50022} - Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" - KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer - rds: Free all frags when rds_ib_recv_cache_put() fails - bpf/bpf_get,set_sockopt: add option to set TCP-BPF sock ops flags - NFSv4: Don't clear capabilities that won't be reset - power: supply: bq27xxx: restrict no-battery detection to bq27000 - power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery - usb: hub: Fix flushing of delayed work used for post resume purposes - soc: qcom: mdt_loader: Deal with zero e_shentsize - Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" - LTS tag: v5.4.299 - scsi: lpfc: Fix buffer free/clear order in deferred receive path - dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() - cifs: fix integer overflow in match_server() - spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort - spi: spi-fsl-lpspi: Set correct chip-select polarity bit - spi: spi-fsl-lpspi: Fix transmissions when using CONT - pcmcia: Add error handling for add_interval() in do_validate_mem() - ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model - randstruct: gcc-plugin: Fix attribute addition - randstruct: gcc-plugin: Remove bogus void member - vmxnet3: update MTU after device quiesce - net: dsa: microchip: linearize skb for tail-tagging switches - net: dsa: microchip: update tag_ksz masks for KSZ9477 family - dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() - ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup - gpio: pca953x: fix IRQ storm on system wake up - iio: light: opt3001: fix deadlock due to concurrent flag access - iio: chemical: pms7003: use aligned_s64 for timestamp - cpufreq/sched: Explicitly synchronize limits_changed flag handling - mm/slub: avoid accessing metadata when pointer is invalid in object_err() - mm/khugepaged: fix ->anon_vma race - e1000e: fix heap overflow in e1000_set_eeprom - batman-adv: fix OOB read/write in network-coding decode - drm/amdgpu: drop hw access in non-DC audio fini - wifi: mwifiex: Initialize the chan_stats array to zero - pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() - ALSA: usb-audio: Add mute TLV for playback volumes on some devices - ppp: fix memory leak in pad_compress_skb - net: atm: fix memory leak in atm_register_sysfs when device_register fail - ax25: properly unshare skbs in ax25_kiss_rcv() - ipv4: Fix NULL vs error pointer check in inet_blackhole_dev_init() - net: thunder_bgx: add a missing of_node_put - wifi: libertas: cap SSID len in lbs_associate() - wifi: cw1200: cap SSID length in cw1200_do_join() - net: ethernet: mtk_eth_soc: fix tx vlan tag for llc packets - i40e: Fix potential invalid access when MAC list is empty - icmp: fix icmp_ndo_send address translation for reply direction - mISDN: Fix memory leak in dsp_hwec_enable() - xirc2ps_cs: fix register access when enabling FullDuplex - Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() - netfilter: conntrack: helper: Replace -EEXIST by -EBUSY - wifi: cfg80211: fix use-after-free in cmp_bss() - powerpc: boot: Remove leading zero in label in udelay() - hugetlbfs: take read_lock on i_mmap for PMD sharing - kallsyms: add module_kallsyms_on_each_symbol_locked - kallsyms: export module_kallsyms_on_each_symbol - uek-rpm: Move ifb module to nano modules - clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns {CVE-2025-38499} - x86/vmscape: Warn when STIBP is disabled with SMT - x86/bugs: Move cpu_bugs_smt_update() down - x86/vmscape: Enable the mitigation - x86/vmscape: Add conditional IBPB mitigation - x86/vmscape: Add old Intel CPUs to affected list - x86/vmscape: Enumerate VMSCAPE bug - Documentation/hw-vuln: Add VMSCAPE documentation - LTS tag: v5.4.298 - Revert "drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS" - net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions - Revert "drm/amdgpu: fix incorrect vm flags to map bo" - HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() - HID: wacom: Add a new Art Pen 2 - HID: asus: fix UAF via HID_CLAIMED_INPUT validation - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare - sctp: initialize more fields in sctp_v6_from_sk() - net: stmmac: xgmac: Do not enable RX FIFO Overflow interrupts - net/mlx5e: Set local Xoff after FW update - net/mlx5e: Update and set Xon/Xoff upon port speed set - net/mlx5e: Update and set Xon/Xoff upon MTU set - net: dlink: fix multicast stats being counted incorrectly - atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). - net/atm: remove the atmdev_ops {get, set}sockopt methods - Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced - powerpc/kvm: Fix ifdef to remove build warning - net: ipv4: fix regression in local-broadcast routes - vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() - scsi: core: sysfs: Correct sysfs attributes access rights - ftrace: Fix potential warning in trace_printk_seq during ftrace_dump - pinctrl: STMFX: add missing HAS_IOMEM dependency - LTS tag: v5.4.297 - alloc_fdtable(): change calling conventions. - s390/hypfs: Enable limited access during lockdown - s390/hypfs: Avoid unnecessary ioctl registration in debugfs - ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation - net/sched: Remove unnecessary WARNING condition for empty child qdisc in htb_activate - net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit - ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc - ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add - ALSA: usb-audio: Fix size validation in convert_chmap_v3() - scsi: qla4xxx: Prevent a potential error pointer dereference - usb: xhci: Fix slot_id resource race conflict - nfs: fix UAF in direct writes - NFS: Fix up commit deadlocks - cifs: Fix UAF in cifs_demultiplex_thread() - Bluetooth: fix use-after-free in device_for_each_child() - act_mirred: use the backlog for nested calls to mirred ingress - net/sched: act_mirred: better wording on protection against excessive stack growth - net/sched: act_mirred: refactor the handle of xmit - selftests: forwarding: tc_actions.sh: add matchall mirror test - net: sched: don't expose action qstats to skb_tc_reinsert() - net: sched: extract qstats update code into functions - net: sched: extract bstats update code into function - net: sched: extract common action counters update code into function - mm: perform the mapping_map_writable() check after call_mmap() - mm: update memfd seal write check to include F_SEAL_WRITE - mm: drop the assumption that VM_SHARED always implies writable - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() - sch_qfq: make qfq_qlen_notify() idempotent - sch_hfsc: make hfsc_qlen_notify() idempotent - sch_drr: make drr_qlen_notify() idempotent - btrfs: populate otime when logging an inode item - media: venus: hfi: explicitly release IRQ during teardown - f2fs: fix to avoid out-of-boundary access in dnode page - media: venus: protect against spurious interrupts during probe - media: qcom: camss: cleanup media device allocated resource on error path - media: venus: vdec: Clamp param smaller than 1fps and bigger than 240. - drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS - pwm: mediatek: Fix duty and period setting - pwm: mediatek: Handle hardware enable and clock enable separately - pwm: mediatek: Implement .apply() callback - media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() - media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() - media: v4l2-ctrls: always copy the controls on completion - ata: Fix SATA_MOBILE_LPM_POLICY description in Kconfig - soc: qcom: mdt_loader: Ensure we don't read past the ELF header - rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 - usb: musb: omap2430: fix device leak at unbind - NFS: Fix the setting of capabilities when automounting a new filesystem - NFS: Fix up handling of outstanding layoutcommit in nfs_update_inode() - NFSv4: Fix nfs4_bitmap_copy_adjust() - usb: typec: fusb302: cache PD RX state - cdc-acm: fix race between initial clearing halt and open - USB: cdc-acm: do not log successful probe on later errors - mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock - mm/kmemleak: turn kmemleak_lock and object->lock to raw_spinlock_t - ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() - x86/fpu: Delay instruction pointer fixup until after warning - mm/hmm: move pmd_to_hmm_pfn_flags() to the respective #ifdeffery - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() - pmdomain: governor: Consider CPU latency tolerance from pm_domain_cpu_gov - tracing: Add down_write(trace_event_sem) when adding trace event - usb: hub: Don't try to recover devices lost during warm reset. - usb: hub: avoid warm port reset during USB3 disconnect - x86/mce/amd: Add default names for MCA banks and blocks - iio: hid-sensor-prox: Fix incorrect OFFSET calculation - f2fs: fix to do sanity check on ino and xnid - mm/zsmalloc: do not pass __GFP_MOVABLE if CONFIG_COMPACTION=n - mm/zsmalloc.c: convert to use kmem_cache_zalloc in cache_alloc_zspage() - drm/sched: Remove optimization that causes hang when killing dependent jobs - ice: Fix a null pointer dereference in ice_copy_and_init_pkg() - net: usbnet: Fix the wrong netif_carrier_on() call - net: usbnet: Avoid potential RCU stall on LINK_CHANGE event - PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports - ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value - comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large - comedi: Fix initialization of data for instructions that write to subdevice - kbuild: Add KBUILD_CPPFLAGS to as-option invocation - kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS - kbuild: Add CLANG_FLAGS to as-instr - mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation - kbuild: Update assembler calls to use proper flags and language target - ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS - usb: dwc3: Ignore late xferNotReady event to prevent halt timeout - USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles - usb: storage: realtek_cr: Use correct byte order for bcs->Residue - USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera - usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive - iio: proximity: isl29501: fix buffered read on big-endian systems - ftrace: Also allocate and copy hash for reading of filter files - fpga: zynq_fpga: Fix the wrong usage of dma_map_sgtable() - use uniform permission checks for all mount propagation changes - move_mount: allow to add a mount into an existing group - fs/buffer: fix use-after-free when call bh_read() helper - drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs - drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 - memstick: Fix deadlock by moving removing flag earlier - media: venus: Add a check for packet size after reading from shared memory - media: ov2659: Fix memory leaks in ov2659_probe() - media: usbtv: Lock resolution while streaming - media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() - media: gspca: Add bounds checking to firmware parser - soc/tegra: pmc: Ensure power-domains are in a known state - jbd2: prevent softlockup in jbd2_log_do_checkpoint() - PCI: endpoint: Fix configfs group removal on driver teardown - PCI: endpoint: Fix configfs group list head handling - mtd: rawnand: fsmc: Add missing check after DMA map - pwm: imx-tpm: Reset counter if CMOD is 0 - wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() - zynq_fpga: use sgtable-based scatterlist wrappers - ata: libata-scsi: Fix ata_to_sense_error() status handling - ext4: fix reserved gdt blocks handling in fsmap - ext4: fix fsmap end of range reporting with bigalloc - ext4: check fast symlink for ea_inode correctly - vt: defkeymap: Map keycodes above 127 to K_HOLE - vt: keyboard: Don't process Unicode characters in K_OFF mode - usb: dwc3: meson-g12a: fix device leaks at unbind - usb: gadget: udc: renesas_usb3: fix device leak at unbind - usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() - m68k: Fix lost column on framebuffer debug console - cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() - serial: 8250: fix panic due to PSLVERR - media: uvcvideo: Do not mark valid metadata as invalid - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() - mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() - parisc: Makefile: fix a typo in palo.conf - btrfs: fix log tree replay failure due to file with 0 links and extents - thunderbolt: Fix copy+paste error in match_service_id() - comedi: fix race between polling and detaching - misc: rtsx: usb: Ensure mmc child device is active when card is present - drm/amdgpu: fix incorrect vm flags to map bo - scsi: lpfc: Remove redundant assignment to avoid memory leak - rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe - pNFS: Fix uninited ptr deref in block/scsi layout - pNFS: Handle RPC size limit for layoutcommits - pNFS: Fix disk addr range check in block/scsi layout - pNFS: Fix stripe mapping in block/scsi layout - net: phy: smsc: add proper reset flags for LAN8710A - ipmi: Fix strcpy source and destination the same - kconfig: lxdialog: fix 'space' to (de)select options - kconfig: gconf: fix potential memory leak in renderer_edited() - kconfig: gconf: avoid hardcoding model2 in on_treeview2_cursor_changed() - ipmi: Use dev_warn_ratelimited() for incorrect message warnings - scsi: aacraid: Stop using PCI_IRQ_AFFINITY - scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans - kconfig: nconf: Ensure null termination where strncpy is used - kconfig: lxdialog: replace strcpy() with strncpy() in inputbox.c - i3c: don't fail if GETHDRCAP is unsupported - PCI: pnv_php: Work around switches with broken presence detection - i3c: add missing include to internal header - media: uvcvideo: Fix bandwidth issue for Alcor camera - media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar - media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() - media: usb: hdpvr: disable zero-length read messages - media: tc358743: Increase FIFO trigger level to 374 - media: tc358743: Return an appropriate colorspace from tc358743_set_fmt - media: tc358743: Check I2C succeeded during probe - pinctrl: stm32: Manage irq affinity settings - scsi: mpt3sas: Correctly handle ATA device errors - scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure - RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() - MIPS: Don't crash in stack_top() for tasks without ABI or vDSO - jfs: upper bound check of tree index in dbAllocAG - jfs: Regular file corruption check - jfs: truncate good inode pages when hard link is 0 - scsi: bfa: Double-free fix - MIPS: vpe-mt: add missing prototypes for vpe_{alloc,start,stop,free} - watchdog: dw_wdt: Fix default timeout - fs/orangefs: use snprintf() instead of sprintf() - scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated - ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr - cifs: Fix calling CIFSFindFirst() for root path without msearch - vhost: fail early when __vhost_add_used() fails - net: dsa: b53: fix IP_MULTICAST_CTRL on BCM5325 - uapi: in6: restore visibility of most IPv6 socket options - net: ncsi: Fix buffer overflow in fetching version id - net: dsa: b53: prevent SWITCH_CTRL access on BCM5325 - net: dsa: b53: fix b53_imp_vlan_setup for BCM5325 - net: vlan: Replace BUG() with WARN_ON_ONCE() in vlan_dev_* stubs - wifi: iwlegacy: Check rate_idx range after addition - netmem: fix skb_frag_address_safe with unreadable skbs - wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()`. - wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect - wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() - net: fec: allow disable coalescing - (powerpc/512) Fix possible `dma_unmap_single()` on uninitialized pointer - s390/stp: Remove udelay from stp_sync_clock() - wifi: iwlwifi: mvm: fix scan request validation - net: thunderx: Fix format-truncation warning in bgx_acpi_match_id() - net: ipv4: fix incorrect MTU in broadcast routes - wifi: cfg80211: Fix interface type validation - rcu: Protect ->defer_qs_iw_pending from data race - net: ag71xx: Add missing check after DMA map - et131x: Add missing check after DMA map - be2net: Use correct byte order and format string for TCP seq and ack_seq - s390/time: Use monotonic clock in get_cycles() - wifi: cfg80211: reject HTC bit for management frames - ktest.pl: Prevent recursion of default variable options - ASoC: codecs: rt5640: Retry DEVICE_ID verification - ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control - platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches - pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() - usb: core: usb_submit_urb: downgrade type check - ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 - ASoC: hdac_hdmi: Rate limit logging on connection and disconnection - mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() - ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path - ACPI: processor: fix acpi_object initialization - PM: sleep: console: Fix the black screen issue - thermal: sysfs: Return ENODATA instead of EAGAIN for reads - PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() - selftests: tracing: Use mutex_unlock for testing glob filter - ARM: tegra: Use I/O memcpy to write to IRAM - gpio: tps65912: check the return value of regmap_update_bits() - ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed - ARM: rockchip: fix kernel hang during smp initialization - cpufreq: Exit governor when failed to start old governor - usb: xhci: Avoid showing errors during surprise removal - usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command - usb: xhci: Avoid showing warnings for dying controller - selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t - usb: xhci: print xhci->xhc_state when queue_command failed - securityfs: don't pin dentries twice, once is enough... - hfs: fix not erasing deleted b-tree node issue - drbd: add missing kref_get in handle_write_conflicts - udf: Verify partition map count - arm64: Handle KCOV __init vs inline mismatches - hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() - hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() - hfs: fix slab-out-of-bounds in hfs_bnode_read() - sctp: linearize cloned gso packets in sctp_rcv - netfilter: ctnetlink: fix refcount leak on table dump - udp: also consider secpath when evaluating ipsec use for checksumming - ACPI: processor: perflib: Move problematic pr->performance check - ACPI: processor: perflib: Fix initial _PPC limit application - Documentation: ACPI: Fix parent device references - fs: Prevent file descriptor table allocations exceeding INT_MAX - sunvdc: Balance device refcount in vdc_port_mpgroup_check - NFSD: detect mismatch of file handle and delegation stateid in OPEN op - net: dpaa: fix device leak when querying time stamp info - net: gianfar: fix device leak when querying time stamp info - netlink: avoid infinite retry looping in netlink_unicast() - ALSA: usb-audio: Validate UAC3 cluster segment descriptors - ALSA: usb-audio: Validate UAC3 power domain descriptors, too - io_uring: don't use int for ABI - usb: gadget : fix use-after-free in composite_dev_cleanup() - MIPS: mm: tlb-r4k: Uniquify TLB entries on init - USB: serial: option: add Foxconn T99W709 - vsock: Do not allow binding to VMADDR_PORT_ANY - net/packet: fix a race in packet_set_ring() and packet_notifier() - perf/core: Prevent VMA split of buffer mappings - perf/core: Exit early on perf_mmap() fail - perf/core: Don't leak AUX buffer refcount on allocation failure - pptp: fix pptp_xmit() error path - smb: client: let recv_done() cleanup before notifying the callers. - benet: fix BUG when creating VFs - net: drop UFO packets in udp_rcv_segment() - ipv6: reject malicious packets in ipv6_gso_segment() - pptp: ensure minimal skb length in pptp_xmit() - netpoll: prevent hanging NAPI when netcons gets enabled - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() - pci/hotplug/pnv-php: Wrap warnings in macro - pci/hotplug/pnv-php: Improve error msg on power state change failure - usb: chipidea: udc: fix sleeping function called from invalid context - f2fs: fix to avoid out-of-boundary access in devs.path - f2fs: fix to avoid panic in f2fs_evict_inode - f2fs: fix to avoid UAF in f2fs_sync_inode_meta() - rtc: pcf8563: fix incorrect maximum clock rate handling - rtc: hym8563: fix incorrect maximum clock rate handling - rtc: ds1307: fix incorrect maximum clock rate handling - module: Restore the moduleparam prefix length check - bpf: Check flow_dissector ctx accesses are aligned - mtd: rawnand: atmel: set pmecc data setup time - mtd: rawnand: atmel: Fix dma_mapping_error() address - jfs: fix metapage reference count leak in dbAllocCtl - fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref - crypto: qat - fix seq_file position update in adf_ring_next() - dmaengine: nbpfaxi: Add missing check after DMA map - dmaengine: mv_xor: Fix missing check after DMA map and missing unmap - fs/orangefs: Allow 2 more characters in do_c_string() - soundwire: stream: restore params when prepare ports fail - crypto: img-hash - Fix dma_unmap_sg() nents value - hwrng: mtk - handle devm_pm_runtime_enable errors - watchdog: ziirave_wdt: check record length in ziirave_firm_verify() - scsi: isci: Fix dma_unmap_sg() nents value - scsi: mvsas: Fix dma_unmap_sg() nents value - scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value - clk: sunxi-ng: v3s: Fix de clock definition - perf tests bp_account: Fix leaked file descriptor - crypto: ccp - Fix crash when rebind ccp device for ccp.ko - pinctrl: sunxi: Fix memory leak on krealloc failure - power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set - clk: davinci: Add NULL check in davinci_lpsc_clk_register() - mtd: fix possible integer overflow in erase_xfer() - crypto: marvell/cesa - Fix engine load inaccuracy - PCI: rockchip-host: Fix "Unexpected Completion" log message - vrf: Drop existing dst reference in vrf_ip6_input_dst - selftests: rtnetlink.sh: remove esp4_offload after test - netfilter: xt_nfacct: don't assume acct name is null-terminated - can: kvaser_usb: Assign netdev.dev_port based on device channel index - can: kvaser_pciefd: Store device channel index - wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE - Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" - mwl8k: Add missing check after DMA map - wifi: rtl8xxxu: Fix RX skb size for aggregation disabled - net/sched: Restrict conditions for adding duplicating netems to qdisc tree - arch: powerpc: defconfig: Drop obsolete CONFIG_NET_CLS_TCINDEX - drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value - m68k: Don't unregister boot console needlessly - tcp: fix tcp_ofo_queue() to avoid including too much DUP SACK range - iwlwifi: Add missing check for alloc_ordered_workqueue - wifi: iwlwifi: Fix memory leak in iwl_mvm_init() - wifi: rtl818x: Kill URBs before clearing tx status queue - caif: reduce stack size, again - bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure - bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls - staging: nvec: Fix incorrect null termination of battery manufacturer - samples: mei: Fix building on musl libc - cpufreq: Init policy->rwsem before it may be possibly used - ARM: dts: imx6ul-kontron-bl-common: Fix RTS polarity for RS485 interface - usb: early: xhci-dbc: Fix early_ioremap leak - Revert "vmci: Prevent the dispatching of uninitialized payloads" - pps: fix poll support - vmci: Prevent the dispatching of uninitialized payloads - staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() - ARM: dts: vfxxx: Correctly use two tuples for timer address - hfsplus: remove mutex_lock check in hfsplus_free_extents - ASoC: Intel: fix SND_SOC_SOF dependencies - ethernet: intel: fix building with large NR_CPUS - usb: phy: mxs: disconnect line when USB charger is attached - usb: chipidea: add USB PHY event - usb: chipidea: introduce CI_HDRC_CONTROLLER_VBUS_EVENT glue layer use - usb: chipidea: udc: protect usb interrupt enable - usb: chipidea: udc: add new API ci_hdrc_gadget_connect - ALSA: hda: Add missing NVIDIA HDA codec IDs - comedi: comedi_test: Fix possible deletion of uninitialized timers - nilfs2: reject invalid file types when reading inodes - i2c: qup: jump out of the loop in case of timeout - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class - net: appletalk: Fix use-after-free in AARP proxy probe - net: appletalk: fix kerneldoc warnings - RDMA/core: Rate limit GID cache warning messages - regulator: core: fix NULL dereference on unbind due to stale coupling data - usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm - usb: hub: fix detection of high tier USB3 devices behind suspended hubs - net_sched: sch_sfq: reject invalid perturb period - power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition - power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of pm_runtime_get_sync - power: supply: bq24190_charger: Fix runtime PM imbalance on error - xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS - virtio-net: ensure the received length does not exceed allocated size - ASoC: fsl_sai: Force a software reset when starting in consumer mode - usb: dwc3: qcom: Don't leave BCR asserted - usb: musb: fix gadget state on disconnect - net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree - net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime - Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU - Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout - Bluetooth: SMP: If an unallowed command is received consider it a failure - Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() - usb: net: sierra: check for no status endpoint - net/sched: sch_qfq: Fix race condition on qfq_aggregate - net: emaclite: Fix missing pointer increment in aligned_read() - comedi: Fix use of uninitialized data in insn_rw_emulate_bits() - comedi: Fix some signed shift left operations - comedi: das6402: Fix bit shift out of bounds - comedi: das16m1: Fix bit shift out of bounds - comedi: aio_iiro_16: Fix bit shift out of bounds - comedi: pcl812: Fix bit shift out of bounds - iio: adc: stm32-adc: Fix race in installing chained IRQ handler - iio: adc: max1363: Reorder mode_list[] entries - iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] - soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled - soc: aspeed: lpc-snoop: Cleanup resources in stack-order - mmc: sdhci_am654: Workaround for Errata i2312 - mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models - mmc: bcm2835: Fix dma_unmap_sg() nents value - memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() - isofs: Verify inode mode when loading from disk - dmaengine: nbpfaxi: Fix memory corruption in probe() - af_packet: fix soft lockup issue caused by tpacket_snd() - af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() - phonet/pep: Move call to pn_skb_get_dst_sockaddr() earlier in pep_sock_accept() - HID: core: do not bypass hid_hw_raw_request - HID: core: ensure __hid_request reserves the report ID as the first byte - HID: core: ensure the allocated report buffer can contain the reserved report ID - pch_uart: Fix dma_sync_sg_for_device() nents value - Input: xpad - set correct controller type for Acer NGR200 - i2c: stm32: fix the device used for the DMA map - usb: gadget: configfs: Fix OOB read on empty string write - USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI - USB: serial: option: add Foxconn T99W640 - USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition - LTS tag: v5.4.296 - x86/mm: Disable hugetlb page table sharing on 32-bit - Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID - HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras - HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY - vt: add missing notification when switching back to text mode - net: usb: qmi_wwan: add SIMCom 8230C composition - atm: idt77252: Add missing `dma_map_error()` - bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT - bnxt_en: Fix DCB ETS validation - can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level - net: phy: microchip: limit 100M workaround to link-down events on LAN88xx - net: appletalk: Fix device refcount leak in atrtr_create() - md/raid1: Fix stack memory use after return in raid1_reshape - wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() - dma-buf: fix timeout handling in dma_resv_wait_timeout v2 - Input: xpad - support Acer NGR 200 Controller - Input: xpad - add VID for Turtle Beach controllers - Input: xpad - add support for Amazon Game Controller - NFSv4/flexfiles: Fix handling of NFS level errors in I/O - flexfiles/pNFS: update stats on NFS4ERR_DELAY for v4.1 DSes - RDMA/mlx5: Fix vport loopback for MPV device - netlink: Fix rmem check in netlink_broadcast_deliver(). - netlink: make sure we allow at least one dump skb - Revert "ACPI: battery: negate current when discharging" - usb: gadget: u_serial: Fix race condition in TTY wakeup - drm/sched: Increment job count before swapping tail spsc queue - pinctrl: qcom: msm: mark certain pins as invalid for interrupts - x86/mce: Make sure CMCI banks are cleared during shutdown on Intel - x86/mce: Don't remove sysfs if thresholding sysfs init fails - x86/mce/amd: Fix threshold limit reset - rxrpc: Fix oops due to non-existence of prealloc backlog struct - net/sched: Abort __tc_modify_qdisc if parent class does not exist - atm: clip: Fix NULL pointer dereference in vcc_sendmsg() - atm: clip: Fix infinite recursive call of clip_push(). - atm: clip: Fix memory leak of struct clip_vcc. - atm: clip: Fix potential null-ptr-deref in to_atmarpd(). - tipc: Fix use-after-free in tipc_conn_close(). - netlink: Fix wraparounds of sk->sk_rmem_alloc. - fix proc_sys_compare() handling of in-lookup dentries - proc: Clear the pieces of proc_inode that proc_evict_inode cares about - drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling - staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() - media: uvcvideo: Rollback non processed entities on error - media: uvcvideo: Send control events for partial succeeds - media: uvcvideo: Return the number of processed controls - ACPI: PAD: fix crash in exit_round_robin() - usb: typec: displayport: Fix potential deadlock - Logitech C-270 even more broken - rose: fix dangling neighbour pointers in rose_rt_device_down() - net: rose: Fix fall-through warnings for Clang - drm/i915/gt: Fix timeline left held on VMA alloc error - drm/i915/selftests: Change mock_request() to return error pointers - spi: spi-fsl-dspi: Clear completion counter before initiating transfer - spi: spi-fsl-dspi: Fix interrupt-less DMA mode taking an XSPI code path - spi: spi-fsl-dspi: Rename fifo_{read,write} and {tx,cmd}_fifo_write - dpaa2-eth: fix xdp_rxq_info leak - ethernet: atl1: Add missing DMA mapping error checks and count errors - btrfs: use btrfs_record_snapshot_destroy() during rmdir - btrfs: propagate last_unlink_trans earlier when doing a rmdir - RDMA/mlx5: Fix CC counters query for MPV - RDMA/core: Create and destroy counters in the ib_core - scsi: ufs: core: Fix spelling of a sysfs attribute name - drm/v3d: Disable interrupts before resetting the GPU - mtk-sd: reset host->mrq on prepare_data() error - mtk-sd: Prevent memory corruption from DMA map failure - mmc: mediatek: use data instead of mrq parameter from msdc_{un}prepare_data() - regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods - regulator: gpio: Add input_supply support in gpio_regulator_config - ACPICA: Refuse to evaluate a method if arguments are missing - wifi: ath6kl: remove WARN on bad firmware input - wifi: mac80211: drop invalid source address OCB frames - powerpc: Fix struct termio related ioctl macros - ata: pata_cs5536: fix build on 32-bit UML - ALSA: sb: Force to disable DMAs once when DMA mode is changed - nui: Fix dma_mapping_error() check - enic: fix incorrect MTU comparison in enic_change_mtu() - amd-xgbe: align CL37 AN sequence as per databook - lib: test_objagg: Set error message in check_expect_hints_stats() - drm/exynos: fimd: Guard display clock control with runtime PM calls - btrfs: fix missing error handling when searching for inode refs during log replay - scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() - nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. - RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert - platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment - mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data - usb: typec: altmodes/displayport: do not index invalid pin_assignments - mmc: sdhci: Add a helper function for dump register in dynamic debug mode - vsock/vmci: Clear the vmci transport packet properly when initializing it - btrfs: don't abort filesystem when attempting to snapshot deleted subvolume - arm64: Restrict pagetable teardown to avoid false warning - s390: Add '-std=gnu11' to decompressor and purgatory CFLAGS - drm/bridge: cdns-dsi: Check return value when getting default PHY config - drm/bridge: cdns-dsi: Fix connecting to next bridge - drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() - drm/tegra: Assign plane type before registration - HID: wacom: fix kobject reference count leak - HID: wacom: fix memory leak on sysfs attribute creation failure - HID: wacom: fix memory leak on kobject creation failure - dm-raid: fix variable in journal device check - Bluetooth: L2CAP: Fix L2CAP MTU negotiation - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). - net: enetc: Correct endianness handling in _enetc_rd_reg64 - um: ubd: Add missing error check in start_io_thread() - vsock/uapi: fix linux/vm_sockets.h userspace compilation errors - wifi: mac80211: fix beacon interval calculation overflow - attach_recursive_mnt(): do not lock the covering tree when sliding something under it - ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() - i2c: robotfuzz-osif: disable zero-length read messages - i2c: tiny-usb: disable zero-length read messages - RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction - RDMA/core: Use refcount_t instead of atomic_t on refcount of iwcm_id_private - media: vivid: Change the siize of the composing - media: omap3isp: use sgtable-based scatterlist wrappers - media: cxusb: no longer judge rbuf when the write fails - media: cxusb: use dev_dbg() rather than hand-rolled debug - jfs: validate AG parameters in dbMount() to prevent crashes - fs/jfs: consolidate sanity checking in dbMount - ASoC: meson: meson-card-utils: use of_property_present() for DT parsing - of: Add of_property_present() helper - of: property: define of_property_read_u{8,16,32,64}_array() unconditionally - kbuild: hdrcheck: fix cross build with clang - kbuild: add --target to correctly cross-compile UAPI headers with Clang - bpfilter: match bit size of bpfilter_umh to that of the kernel - kbuild: use -MMD instead of -MD to exclude system headers from dependency - VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify - VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF - ovl: Check for NULL d_inode() in ovl_dentry_upper() - ceph: fix possible integer overflow in ceph_zero_objects() - ALSA: hda: Ignore unsol events for cards being shut down - usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode - usb: cdc-wdm: avoid setting WDM_READ for ZLP-s - usb: Add checks for snprintf() calls in usb_alloc_dev() - tty: serial: uartlite: register uart driver in init - usb: potential integer overflow in usbg_make_tpg() - iio: pressure: zpa2326: Use aligned_s64 for the timestamp - md/md-bitmap: fix dm-raid max_write_behind setting - dmaengine: xilinx_dma: Set dma_device directions - mfd: max14577: Fix wakeup source leaks on device unbind - mailbox: Not protect module_put with spin_lock_irqsave - cifs: Fix cifs_query_path_info() for Windows NT servers Important TuxCare License Agreement CVE-2024-43877 CVE-2024-35937 CVE-2024-41069 CVE-2024-35966 CVE-2024-36914 CVE-2024-56616 CVE-2025-38529 CVE-2025-38516 CVE-2025-38515 CVE-2025-38513 CVE-2025-38487 CVE-2025-38483 CVE-2025-38480 CVE-2025-38474 CVE-2025-38473 CVE-2025-38465 CVE-2025-38457 CVE-2025-38439 CVE-2025-38391 CVE-2025-38377 CVE-2025-40118 CVE-2025-40070 CVE-2025-38262 CVE-2025-38249 CVE-2025-38226 CVE-2025-40205 CVE-2025-40200 CVE-2025-40190 CVE-2025-40188 CVE-2025-40187 CVE-2025-40178 CVE-2025-40173 CVE-2025-40167 CVE-2025-40121 CVE-2025-40030 CVE-2025-40055 CVE-2025-40044 CVE-2025-40088 CVE-2025-40186 CVE-2025-38497 CVE-2025-38482 CVE-2025-38467 CVE-2025-38464 CVE-2025-40019 CVE-2025-38211 CVE-2025-38459 CVE-2025-38514 CVE-2025-38540 CVE-2025-38530 CVE-2025-40154 CVE-2025-40153 CVE-2025-40140 CVE-2025-40134 CVE-2025-40126 CVE-2025-38546 CVE-2025-38542 CVE-2025-38538 CVE-2025-38477 CVE-2025-38387 CVE-2025-38245 CVE-2023-53259 CVE-2024-41013 CVE-2025-40027 CVE-2025-40026 CVE-2025-40115 CVE-2025-38371 CVE-2025-38389 CVE-2025-38230 CVE-2025-38229 CVE-2025-38102 CVE-2024-50022 CVE-2025-40124 CVE-2025-40112 CVE-2025-40111 CVE-2025-40106 CVE-2025-40105 CVE-2025-40087 CVE-2025-40049 CVE-2025-40048 CVE-2025-40042 CVE-2025-40035 CVE-2025-40018 CVE-2025-40001 CVE-2025-38495 CVE-2025-38494 CVE-2025-38460 CVE-2025-38458 CVE-2025-38448 CVE-2025-38445 CVE-2025-38406 CVE-2025-38404 CVE-2025-38403 CVE-2025-38401 CVE-2025-38400 CVE-2025-38395 CVE-2025-38386 CVE-2025-40204 CVE-2025-40198 CVE-2025-40197 CVE-2025-40194 CVE-2025-38499 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-62168: fix failure to redact HTTP authentication credentials in error handling to prevent information disclosure - email_err_data directive now defaults to 'off' for security (previously 'on') Important TuxCare License Agreement CVE-2025-62168 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-25724: fix buffer overflow vulnerability in libarchive Important TuxCare License Agreement CVE-2025-5914 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-40907: fix integer overflow and heap-based buffer overflow in fcgi2 library Important TuxCare License Agreement CVE-2025-40907 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-47606: allocator: avoid integer overflow when allocating sysmem - Fix documentation build with the newer gtk-doc Critical TuxCare License Agreement CVE-2024-47606 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-6019: don't allow suid and dev set on fs resize Important TuxCare License Agreement CVE-2025-6019 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-47615: fix OOB-Write in gst_parse_vorbis_setup_packet by validating integer size input to prevent memory corruption Critical TuxCare License Agreement CVE-2024-47538 CVE-2024-47607 CVE-2024-47615 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-47606: qtdemux: avoid integer overflow when parsing Theora extension - Fix documentation build with the newer gtk-doc Critical TuxCare License Agreement CVE-2024-47606 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-4945: fix integer overflow vulnerability in date/time parsing - CVE-2025-11021: fix out-of-bounds memory read in cookie date handling logic Low TuxCare License Agreement CVE-2025-4945 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-47537: qtdemux: fix integer overflow when allocating the samples table for fragmented MP4 Critical TuxCare License Agreement CVE-2024-47537 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-5917: fix overflow in build_ustar_entry - CVE-2025-5918: do not skip past EOF while reading Moderate TuxCare License Agreement CVE-2025-5917 CVE-2025-5918 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Bump release to 23.0.1.1.tuxcare.els1 Important TuxCare License Agreement CVE-2025-1244 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Bump version to 3.1.1-4.0.1 Critical TuxCare License Agreement CVE-2014-9474 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-8067: fix issue allowing unprivileged users to create loop devices with negative index values Important TuxCare License Agreement CVE-2025-8067 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Rebuilt with xorg-x11-server-1.20.4-99.el7_9.tuxcare.els8, mitigating the security vulnerabilities identified by the following CVEs: CVE-2025-62229, CVE-2025-62230, CVE-2025-62231 - Moved CVE-2024-9632 patch to xorg-x11-server package Important TuxCare License Agreement CVE-2025-62230 CVE-2025-62231 CVE-2025-62229 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-9632: fix buffer overflow in _XkbSetCompatMap() - CVE-2025-62229: fix use-after-free condition due improper error handling during notification creation leading to DoS - CVE-2025-62230: fix use-after-free condition due freeing certain data structures without properly detaching related resources - CVE-2025-62231: fix unsigned short overflow in XkbSetCompatMap() function Important TuxCare License Agreement CVE-2024-9632 CVE-2025-62230 CVE-2025-62231 CVE-2025-62229 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u472-b08 (GA). Moderate TuxCare License Agreement CVE-2025-53066 CVE-2025-53057 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2023-50868: avoid availabiluty of the remote attackers to cause a denial of service using DNSSEC Important TuxCare License Agreement CVE-2022-3204 CVE-2023-50387 CVE-2023-50868 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template Moderate TuxCare License Agreement CVE-2024-56326 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Bump release to 9.2.24-9.0.3.tuxcare.els1 Important TuxCare License Agreement CVE-2025-8714 CVE-2024-7348 CVE-2024-10979 CVE-2025-1094 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Bump release to 6.9.10.68-7.0.3.tuxcare.els1 Critical TuxCare License Agreement CVE-2025-62171 CVE-2022-32546 CVE-2021-20313 CVE-2021-20312 CVE-2022-32545 CVE-2025-53019 CVE-2025-53014 CVE-2022-32547 CVE-2020-27768 CVE-2020-27751 CVE-2025-57803 CVE-2025-55298 CVE-2025-55212 CVE-2025-53101 CVE-2021-20309 CVE-2025-55154 CVE-2025-57807 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-8508: limit number of name compression calculations per packet to prevent denial of service attacks. Moderate TuxCare License Agreement CVE-2024-8508 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-64505: fix heap buffer over-read vulnerability in png_do_quantize function by validating palette_lookup array bounds Moderate TuxCare License Agreement CVE-2025-64505 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - xfrm: Duplicate SPI Handling {CVE-2025-39965} - xfrm: state: use atomic_inc_not_zero to increment refcount - padata: Fix pd UAF once and for all {CVE-2025-38584} - padata: Remove broken queue flushing {CVE-2023-52854} - padata: ensure padata_do_serial() runs on the correct CPU - Bluetooth: L2CAP: Fix use-after-free {CVE-2023-53305} - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408} - sctp: linearize cloned gso packets in sctp_rcv {CVE-2025-38718} - ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365} - Bluetooth: L2CAP: Fix user-after-free {CVE-2022-50386} - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put {CVE-2022-3640} - ipvs: fix WARNING in ip_vs_app_net_cleanup() {CVE-2022-49917} - ipvs: fix WARNING in __ip_vs_cleanup_batch() {CVE-2022-49918} - ipvs: use explicitly signed chars - vt: Clear selection before changing the font {CVE-2022-49948} - fs: prevent out-of-bounds array speculation when closing a file descriptor {CVE-2023-53117} - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-48900} - netlink: prevent potential spectre v1 gadgets {CVE-2023-53000} - igb: Do not free q_vector unless new one was allocated {CVE-2022-50252} - scsi: target: Fix WRITE_SAME No Data Buffer crash {CVE-2022-21546} - net: mdio: fix undefined behavior in bit shift for __mdiobus_register {CVE-2022-49907} - dm raid: fix address sanitizer warning in raid_status {CVE-2022-50084} - dm raid: fix address sanitizer warning in raid_resume {CVE-2022-50085} - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK {CVE-2022-49870} - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258} - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882} - Bluetooth: hci_core: Fix use-after-free in vhci_flush() {CVE-2025-38250} - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751} - jbd2: remove wrong sb->s_sequence check {CVE-2025-37839} - net_sched: hfsc: Fix a UAF vulnerability in class handling - crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} Important TuxCare License Agreement CVE-2022-23042 CVE-2022-49918 CVE-2022-49870 CVE-2023-52854 CVE-2022-50408 CVE-2022-20566 CVE-2022-49948 CVE-2023-53117 CVE-2025-39751 CVE-2025-38250 CVE-2022-50252 CVE-2022-49907 CVE-2025-37882 CVE-2022-50386 CVE-2023-53373 CVE-2023-53365 CVE-2022-49917 CVE-2025-37839 CVE-2023-53305 CVE-2023-53000 CVE-2022-50258 CVE-2022-21546 CVE-2025-38584 CVE-2025-38718 CVE-2022-50085 CVE-2025-39797 CVE-2022-48900 CVE-2025-39965 CVE-2022-50084 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - crypto: lzo - Fix compression buffer overrun {CVE-2025-38068} - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863} - NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945} - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). {CVE-2025-40186} - can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004} - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415} - ALSA: usb-audio: Validate UAC3 cluster segment descriptors {CVE-2025-39757} - ext4: fix undefined behavior in bit shift for ext4_check_flag_values {CVE-2022-50403} - scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322} - fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-2978} - ALSA: usb-audio: Validate UAC3 power domain descriptors, too {CVE-2025-38729} - ipv6: Fix infinite recursion in fib6_dump_done(). {CVE-2024-35886} - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} - atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459} - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} Important TuxCare License Agreement CVE-2024-35886 CVE-2025-38004 CVE-2022-43945 CVE-2022-50367 CVE-2025-38051 CVE-2022-50403 CVE-2025-38245 CVE-2025-40186 CVE-2025-38459 CVE-2025-39955 CVE-2025-38068 CVE-2025-39757 CVE-2022-2978 CVE-2022-50410 CVE-2023-53322 CVE-2025-38157 CVE-2025-38415 CVE-2025-38729 CVE-2025-39863 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-58098: fix passes the shell-escaped query string to #exec cmd="..." directives Important TuxCare License Agreement CVE-2025-58098 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-52005: add sideband.allowControlCharacters config which gives a possibility to avoid control characters in sideband - CVE-2024-52006: fix newline confusion in credential helpers that can lead to credential exfiltration Important TuxCare License Agreement CVE-2024-52006 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2023-31484: add verify_SSL=>1 to HTTP::Tiny to verify https server identity Important TuxCare License Agreement CVE-2023-31484 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-50349: fix ANSI escape sequence vulnerability that occurs when asking for credentials interactively Important TuxCare License Agreement CVE-2024-32021 CVE-2024-50349 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-55160: fix function pointer type mismatch in Clone* functions Moderate TuxCare License Agreement CVE-2025-55160 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-54389: escape filenames in error/log messages to prevent terminal escape sequence injection Moderate TuxCare License Agreement CVE-2025-54389 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - fs/proc: fix uaf in proc_readdir_de() {CVE-2025-40271} - fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-2978} - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp {CVE-2023-53297} - net: sched: sfb: fix null pointer access issue when sfb_init() fails {CVE-2022-50356} - ALSA: usb-audio: Fix size validation in convert_chmap_v3() - nfsd: don't ignore the return code of svc_proc_register() {CVE-2025-22026} - net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull {CVE-2023-53104} - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class - HID: stop exporting hid_snto32() - HID: simplify snto32() - HID: core: fix shift-out-of-bounds in hid_report_raw_event {CVE-2022-48978} - HID: core: detect and skip invalid inputs to snto32() - HID: core: don't use negative operands when shift Important TuxCare License Agreement CVE-2022-48978 CVE-2022-50367 CVE-2023-53104 CVE-2025-40271 CVE-2023-53297 CVE-2022-50356 CVE-2022-2978 CVE-2025-22026 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-64720: fix buffer overflow in png_init_read_transformations function during palette compositing with optimized alpha Important TuxCare License Agreement CVE-2025-64720 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - timezone-test-to-cet: change the timezone to CET to fix the test failure - CVE-2025-13699: fix directory traversal Important TuxCare License Agreement CVE-2025-13699 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-68973: fix memory corruption in the armor parser that leads to out-of-bounds write for malicious input Important TuxCare License Agreement CVE-2025-68973 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-14523: reject duplicate Host headers to prevent request smuggling, cache poisoning, and host-based access control bypass attacks Important TuxCare License Agreement CVE-2025-14523 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare {CVE-2025-39817} - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} - ipv6: Fix out-of-bounds access in ipv6_find_tlv() {CVE-2023-53705} - libceph: fix potential use-after-free in have_mon_and_osd_map() {CVE-2025-68285} - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write {CVE-2023-53282} - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419} - firewire: net: fix use after free in fwnet_finish_incoming_packet() {CVE-2023-53432} - net: openvswitch: fix nested key length validation in the set() action - wifi: mac80211_hwsim: drop short frames {CVE-2023-53321} - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422} - fix: crypto: lzo - Fix compression buffer overrun - fix: NFSD: Protect against send buffer overflow in NFSv2 READ - cifs: fix oops during encryption {CVE-2022-50341} - SMB3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL - fix smb3-encryption breakage when CONFIG_DEBUG_SG=y - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp {CVE-2023-53297} - iomap: iomap: fix memory corruption when recording errors during writeback {CVE-2022-50406} - mm: zswap: fix missing folio cleanup in writeback race path {CVE-2024-26832} - mm: fix zswap writeback race condition - Bluetooth: prefetch channel before killing sock - Bluetooth: Fix l2cap_disconnect_req deadlock - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} {CVE-2023-53827} - Bluetooth: Fix refcount use-after-free issue - Bluetooth: Check state in l2cap_disconnect_rsp - Bluetooth: L2CAP: Fix build errors in some archs - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression - Bluetooth: use the correct print format for L2CAP debug statements - i40e: fix Jumbo Frame support after iPXE boot - i40e: Report MFS in decimal base instead of hex - i40e: Fix unexpected MFS warning message - i40e: Add a check to see if MFS is set - bitops: Add non-atomic bitops for pointers - bitfield: Add FIELD_MODIFY() helper Important TuxCare License Agreement CVE-2025-39817 CVE-2022-50341 CVE-2024-26832 CVE-2023-53297 CVE-2023-53705 CVE-2023-53675 CVE-2023-53282 CVE-2025-68285 CVE-2022-50422 CVE-2022-50419 CVE-2022-50406 CVE-2023-53321 CVE-2023-53432 CVE-2023-53827 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-68615: Fix buffer overflow issue in snmptrapd daemon to prevent crashes Critical TuxCare License Agreement CVE-2025-68615 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Update to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b03. - CVE-2026-21945: Security component vulnerability allowing unauthenticated attacker with network access to cause hang or crash (DoS). Important TuxCare License Agreement CVE-2026-21945 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - crypto: af_alg - Fix incorrect boolean values in af_alg_ctx {CVE-2025-40022} - arm64: pensando: Must boot Ortano kernel with spin-table - net/sched: adjust device watchdog timer to detect stopped queue at right time - net/mlx5: Mark the mellanox graceful_period fix as out-of-tree change - infiniband/xsigo: Replace BUG_ON with WARN_ON_ONCE. - infiniband/xsigo: xsvnic_main: Remove unused functions - infiniband/xsigo: xve_cm: Fix mixed code warning - infiniband/xsigo: xve_ethtool: Remove unused variable 'priv' - infiniband/xsigo: xve_ib: Fix misleading indentation - infiniband/xsigo: xve_ib: Fix mixed code warning - infiniband/xsigo: xve_verbs: Remove unused label 'out_free_pd' - infiniband/xsigo: xve_main: Remove unused function 'xve_napi_del' - infiniband/xsigo: xve_main: Fix mixed code warning - infiniband/xsigo: xve_main: Fix misleading indentation - inifinibad/xsigo: xsvnic_main: Remove unused variable 'xsvnic_ethtool_ops' - infiniband/xsigo: xscore_impl: Remove unused label 'err_pd' - rds: Fix jiffies type in struct rds_conn_path - kernel: sysctl: Remove unused variable 'zero' - crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg {CVE-2025-39964} - RDMA/cm: Base cm_id destruction timeout on CMA values - x86/its: Build fails with CONFIG_MITIGATION_ITS=n - LTS tag: v5.4.302 - Input: pegasus-notetaker - fix potential out-of-bounds access {CVE-2025-68217} - Input: remove third argument of usb_maxpacket() - usb: deprecate the third argument of usb_maxpacket() - fs/proc: fix uaf in proc_readdir_de() {CVE-2025-40271} - pmdomain: imx: Fix reference count leak in imx_gpc_remove - pmdomain: arm: scmi: Fix genpd leak on provider registration failure {CVE-2025-68204} - net: netpoll: fix incorrect refcount handling causing incorrect cleanup {CVE-2025-68245} - net: qede: Initialize qede_ll_ops with designated initializer - net: ethernet: ti: netcp: Standardize knav_dma_open_channel to return NULL on error {CVE-2025-68220} - ALSA: usb-audio: fix uac2 clock source at terminal parser - mm/page_alloc: fix hash table order logging in alloc_large_system_hash() - kconfig/nconf: Initialize the default locale at startup - kconfig/mconf: Initialize the default locale at startup - vsock: Ignore signal/timeout on connect() if already established {CVE-2025-40248} - s390/ctcm: Fix double-kfree {CVE-2025-40253} - net: openvswitch: remove never-working support for setting nsh fields {CVE-2025-40254} - mlxsw: spectrum: Fix memory leak in mlxsw_sp_flower_stats() - MIPS: Malta: Fix !EVA SOC-it PCI MMIO - scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show() {CVE-2025-68229} - scsi: sg: Do not sleep in atomic context {CVE-2025-40259} - Input: cros_ec_keyb - fix an invalid memory access {CVE-2025-40263} - be2net: pass wrb_params in case of OS2BMC {CVE-2025-40264} - isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() {CVE-2025-68734} - EDAC/altera: Use INTTEST register for Ethernet and USB SBE injection - EDAC/altera: Handle OCRAM ECC enable after warm reset - spi: Try to get ACPI GPIO IRQ earlier - ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe {CVE-2025-68241} - strparser: Fix signed/unsigned mismatch bug - gcov: add support for GCC 15 - mm/ksm: fix flag-dropping behavior in ksm_madvise {CVE-2025-40040} - ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd {CVE-2025-40275} - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE {CVE-2025-40277} - ASoC: cs4271: Fix regulator leak on probe failure - regulator: fixed: fix GPIO descriptor leak on register failure - regulator: fixed: use dev_err_probe for register - Bluetooth: L2CAP: export l2cap_chan_hold for modules - net_sched: limit try_bulk_dequeue_skb() batches - net_sched: remove need_resched() from qdisc_run() - net/mlx5e: Fix wraparound in rate limiting for values above 255 Gbps - net/mlx5e: Fix maxrate wraparound in threshold between units - net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak {CVE-2025-40278} - wifi: mac80211: skip rate verification for not captured PSDUs - net: mdio: fix resource leak in mdiobus_register_device() - tipc: Fix use-after-free in tipc_mon_reinit_self(). {CVE-2025-40280} - tipc: simplify the finalize work queue - sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto {CVE-2025-40281} - sctp: get netns from asoc and ep base - Bluetooth: 6lowpan: Don't hold spin lock over sleeping functions - Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion - Bluetooth: 6lowpan: reset link-local header on ipv6 recv path {CVE-2025-40282} - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF {CVE-2025-40283} - net: fec: correct rx_bytes statistic for the case SHIFT16 is set - ASoC: max98090/91: fixed max98091 ALSA widget powering up/down - HID: quirks: avoid Cooler Master MM712 dongle wakeup bug - NFS4: Fix state renewals missing after boot - compiler_types: Move unused static inline functions warning to W=2 - extcon: adc-jack: Cleanup wakeup source only if it was enabled - tracing: Fix memory leaks in create_field_var() - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup {CVE-2025-68192} - sctp: Prevent TOCTOU out-of-bounds write {CVE-2025-40331} - sctp: Hold RCU read lock while iterating over address list - net: dsa: b53: stop reading ARL entries if search is done - net: dsa: b53: fix enabling ip multicast - net: dsa: b53: fix resetting speed and pause on forced link - net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 - net: dsa/b53: change b53_force_port_config() pause argument - net: vlan: sync VLAN features with lower device - ceph: add checking of wait_for_completion_killable() return value - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds {CVE-2025-40304} - ACPI: property: Return present device nodes only on fwnode interface - 9p: sysfs_init: don't hardcode error to ENOMEM - 9p: fix /sys/fs/9p/caches overwriting itself - fs/hpfs: Fix error code for new_inode() failure in mkdir/create/mknod/symlink - ACPICA: Update dsmethod.c to get rid of unused variable warning - orangefs: fix xattr related buffer overflow... {CVE-2025-40306} - page_pool: Clamp pool size to max 16K pages - Bluetooth: bcsp: receive data only if registered {CVE-2025-40308} - Bluetooth: SCO: Fix UAF on sco_conn_free {CVE-2025-40309} - net: macb: avoid dealing with endianness in macb_set_hwaddr() - nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing {CVE-2025-68185} - NFSv4.1: fix mount hang after CREATE_SESSION failure - NFSv4: handle ERR_GRACE on delegation recalls - remoteproc: qcom: q6v5: Avoid handling handover twice - sparc/module: Add R_SPARC_UA64 relocation handling - net: intel: fm10k: Fix parameter idx set but not used - jfs: fix uninitialized waitqueue in transaction manager {CVE-2025-68168} - jfs: Verify inode mode when loading from disk {CVE-2025-40312} - ipv6: np->rxpmtu race annotation - usb: xhci: plat: Facilitate using autosuspend for xhci plat devices - usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs - allow finish_no_open(file, ERR_PTR(-E...)) - scsi: lpfc: Define size of debugfs entry for xri rebalancing - scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET - selftests/Makefile: include $(INSTALL_DEP_TARGETS) in clean target to clean net/lib dependency - net/cls_cgroup: Fix task_get_classid() during qdisc run - selftests: Replace sleep with slowwait - selftests: Disable dad for ipv6 in fcnal-test.sh - media: redrat3: use int type to store negative error codes - net: sh_eth: Disable WoL if system can not suspend - phy: cadence: cdns-dphy: Enable lower resolutions in dphy - usb: gadget: f_hid: Fix zero length packet transfer - net: call cond_resched() less often in __release_sock() - ALSA: usb-audio: apply quirk for MOONDROP Quark2 - net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms - dmaengine: dw-edma: Set status for callback_result - dmaengine: mv_xor: match alloc_wc and free_wc - dmaengine: sh: setup_xref error handling - scsi: pm8001: Use int instead of u32 to store error codes - mips: lantiq: xway: sysctrl: rename stp clock - mips: lantiq: danube: add missing device_type in pci node - mips: lantiq: danube: add missing properties to cpu node - media: fix uninitialized symbol warnings - drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption - extcon: adc-jack: Fix wakeup source leaks on device unbind - PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call - net: Call trace_sock_exceed_buf_limit() for memcg failure with SK_MEM_RECV. - net: When removing nexthops, don't call synchronize_net if it is not necessary - char: misc: Does not request module for miscdevice with dynamic minor - usb: gadget: f_ncm: Fix MAC assignment NCM ethernet - iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register - media: imon: make send_packet() more robust {CVE-2025-68194} - net: ipv6: fix field-spanning memcpy warning in AH output {CVE-2025-40363} - bridge: Redirect to backup port when port is administratively down - powerpc/eeh: Use result of error_detected() in uevent - x86/vsyscall: Do not require X86_PF_INSTR to emulate vsyscall - media: pci: ivtv: Don't create fake v4l2_fh - drm/amdkfd: return -ENOTTY for unsupported IOCTLs - selftests/net: Ensure assert() triggers in psock_tpacket.c - selftests/net: Replace non-standard __WORDSIZE with sizeof(long) * 8 - PCI: Disable MSI on RDC PCI to PCIe bridges - drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() - mfd: madera: Work around false-positive -Wininitialized warning - mfd: stmpe-i2c: Add missing MODULE_LICENSE - mfd: stmpe: Remove IRQ domain upon removal - tools/power x86_energy_perf_policy: Prefer driver HWP limits - tools/power x86_energy_perf_policy: Enhance HWP enable - tools/cpupower: Fix incorrect size in cpuidle_state_disable() - hwmon: (dell-smm) Add support for Dell OptiPlex 7040 - uprobe: Do not emulate/sstep original instruction when ip is changed - clocksource/drivers/vf-pit: Replace raw_readl/writel to readl/writel - video: backlight: lp855x_bl: Set correct EPROM start for LP8556 - tee: allow a driver to allocate a tee_device without a pool - ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() - mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card - irqchip/gic-v2m: Handle Multiple MSI base IRQ Alignment - arc: Fix __fls() const-foldability via __builtin_clzl() - cpufreq/longhaul: handle NULL policy in longhaul_exit {CVE-2025-68177} - selftests/bpf: Fix bpf_prog_detach2 usage in test_lirc_mode2 - ACPI: video: force native for Lenovo 82K8 - memstick: Add timeout to prevent indefinite waiting - mmc: host: renesas_sdhi: Fix the actual clock - bpf: Don't use %pK through printk - spi: loopback-test: Don't use %pK through printk - soc: qcom: smem: Fix endian-unaware access of num_entries - usb: gadget: f_fs: Fix epfile null pointer access after ep enable. {CVE-2025-40315} - serial: 8250_dw: handle reset control deassert error - serial: 8250_dw: Use devm_add_action_or_reset() - serial: 8250_dw: Use devm_clk_get_optional() to get the input clock - can: gs_usb: increase max interface to U8_MAX - devcoredump: Fix circular locking dependency with devcd->mutex. - net: ravb: Enforce descriptor type ordering - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID - wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode {CVE-2025-40321} - net: phy: dp83867: Disable EEE support as not implemented - regmap: slimbus: fix bus_context pointer in regmap init calls {CVE-2025-40317} - drm/etnaviv: fix flush sequence logic - usbnet: Prevents free active kevent {CVE-2025-68312} - wifi: ath10k: Fix memory leak on unsupported WMI command - ASoC: qdsp6: q6asm: do not sleep while atomic - fbdev: valkyriefb: Fix reference count leak in valkyriefb_init - fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS - fbdev: bitblit: bound-check glyph index in bit_putcs* {CVE-2025-40322} - ACPI: video: Fix use-after-free in acpi_video_switch_brightness() {CVE-2025-40211} - fbdev: atyfb: Check if pll_ops->init_pll failed - net: usb: asix_devices: Check return value of usbnet_get_endpoints - btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() - x86/bugs: Fix reporting of LFENCE retpoline - net/sched: sch_qfq: Fix null-deref in agg_dequeue {CVE-2025-40083} - RDMA/cm: Rate limit destroy CM ID timeout error message - soc/pensando: giglio: hack dts to make things right - soc/pensando: Add AMD Pensando Giglio SoC support - soc/pensando: psci support - soc/pensando: Giglio SoC eMMC interrupt driver - Reapply "cpuidle: menu: Avoid discarding useful information" - fbcon: fix integer overflow in font allocation - uek-rpm: Introduce check function for uek-rpm/tools/kabi - rds: Add smp_rmb before reading c_destroy_in_prog - uio_hv_generic: Set event for all channels on the device - ata: libata-scsi: Fix system suspend for a security locked drive - HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 - scsi: megaraid_sas: Fix concurrent access to ISR between IRQ polling and real interrupt Important TuxCare License Agreement CVE-2025-40248 CVE-2025-40280 CVE-2025-40322 CVE-2025-40278 CVE-2025-40281 CVE-2025-40282 CVE-2025-40271 CVE-2025-40211 CVE-2025-40253 CVE-2025-40254 CVE-2025-40259 CVE-2025-40263 CVE-2025-40264 CVE-2025-40275 CVE-2025-40309 CVE-2025-40312 CVE-2025-40315 CVE-2025-40317 CVE-2025-68177 CVE-2025-68185 CVE-2025-40277 CVE-2025-40022 CVE-2025-40040 CVE-2025-40083 CVE-2025-39964 CVE-2025-40283 CVE-2025-40304 CVE-2025-40306 CVE-2025-40308 CVE-2025-40321 CVE-2025-40331 CVE-2025-40363 CVE-2025-68168 CVE-2025-68194 CVE-2025-68204 CVE-2025-68217 CVE-2025-68220 CVE-2025-68229 CVE-2025-68241 CVE-2025-68734 CVE-2025-68245 CVE-2025-68192 CVE-2025-68312 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-13601: Fix heap-based buffer overflow by correcting buffer size calculation in g_escape_uri_string() function Important TuxCare License Agreement CVE-2025-13601 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers Low TuxCare License Agreement CVE-2026-24515 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-23876: fix heap buffer overflow vulnerability in the XBM image decoder (ReadXBMImage) Critical TuxCare License Agreement CVE-2026-23876 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-69421: fix NULL dereference in PKCS12_item_decrypt_d2i_ex() Important TuxCare License Agreement CVE-2025-69421 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - vsock: Do not allow binding to VMADDR_PORT_ANY {CVE-2025-38618} - cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945} - scsi: bfa: Double-free fix {CVE-2025-38699} - pptp: ensure minimal skb length in pptp_xmit() {CVE-2025-38574} - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572} - fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685} - fbdev: fix potential buffer overflow in do_register_framebuffer() {CVE-2025-38702} - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} - usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760} - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680} - fs/buffer: fix use-after-free when call bh_read() helper {CVE-2025-39691} - bna: ensure the copied buf is NUL terminated {CVE-2024-36934} - i40e: fix idx validation in config queues msg {CVE-2025-39971} Important TuxCare License Agreement CVE-2025-38572 CVE-2025-38702 CVE-2025-38618 CVE-2025-39945 CVE-2025-38574 CVE-2025-38699 CVE-2025-39691 CVE-2023-53521 CVE-2025-38680 CVE-2025-39971 CVE-2025-38685 CVE-2024-36934 CVE-2025-39760 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-61662: fix use-after-free in gettext/gettext due to unregistered gettext command on module unload Important TuxCare License Agreement CVE-2025-61662 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-68618: fix DOS when processing a specially crafted malicious SVG file - CVE-2025-69204: fix DOS due to buffer overflow during image processing of a specially crafted SVG image Important TuxCare License Agreement CVE-2025-69204 CVE-2025-68618 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-1761: fix stack-based buffer overflow in multipart HTTP response parsing caused by incorrect length calculation in soup_filter_input_stream_read_until() - CVE-2026-0719: fix stack-based buffer overflow in NTLM authentication caused by integer overflow in md4sum() with excessively long passwords Important TuxCare License Agreement CVE-2026-1761 CVE-2026-0719 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-14087: fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings Critical TuxCare License Agreement CVE-2025-14087 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-53899: Quote template strings in activation scripts Important TuxCare License Agreement CVE-2024-53899 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-25646: fix a heap buffer overflow in png_set_quantize() Important TuxCare License Agreement CVE-2026-25646 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2015-20107: fix shell command injection vulnerability in the mailcap module Important TuxCare License Agreement CVE-2015-20107 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2024-42516: fix HTTP response splitting by reordering header validation to occur after full response header assembly. Moderate TuxCare License Agreement CVE-2024-42516 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F11(ver:0x0A0011D5), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215); - Update AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B10F10(ver:0x0B101058); Low TuxCare License Agreement CVE-2025-62626 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2016-9843: avoid pre-decrement of pointer in big-endian CRC calculation Critical TuxCare License Agreement CVE-2016-9843 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-25798: fix NULL pointer dereference in ClonePixelCacheRepository - CVE-2026-24481: fix heap information disclosure in PSD handler - CVE-2026-25799: fix division-by-zero in YUV sampling factor validation - CVE-2026-26284: fix out-of-bounds read in PCD Huffman decoder - CVE-2026-25897: fix integer overflow in Sun decoder on 32-bit systems - CVE-2026-26066: fix infinite loop in IPTCTEXT profile writing - CVE-2026-26283: fix infinite loop in JPEG encoder extent binary search - CVE-2026-25795: fix NULL pointer dereference in ReadSFWImage - CVE-2026-25796: fix memory leak in ReadSTEGANOImage Critical TuxCare License Agreement CVE-2026-25795 CVE-2026-25897 CVE-2026-24481 CVE-2026-25799 CVE-2026-25796 CVE-2026-26284 CVE-2026-26283 CVE-2026-25798 CVE-2026-26066 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-61144: fix stack-based buffer overflow occurs in tiffcrop Important TuxCare License Agreement CVE-2025-61144 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-12084: Prevent quadratic-time behavior when building excessively nested XML elements Moderate TuxCare License Agreement CVE-2025-12084 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server. Important TuxCare License Agreement CVE-2026-26269 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path {CVE-2025-39911} - media: rc: fix races with imon_disconnect() {CVE-2025-39993} - VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify {CVE-2025-38102} - partitions: mac: fix handling of bogus partition table {CVE-2025-21772} - tracing: Fix oob write in trace_seq_to_buffer() {CVE-2025-37923} - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE {CVE-2025-40277} - Bluetooth: fix use-after-free in device_for_each_child() {CVE-2024-53237} - net/atm: remove the atmdev_ops {get, set}sockopt methods {CVE-2022-50410} - i40e: add validation for ring_len param {CVE-2025-39973} - vsock: Ignore signal/timeout on connect() if already established {CVE-2025-40248} - sctp: avoid NULL dereference when chunk data buffer is missing {CVE-2025-40240} - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() {CVE-2025-38724} - VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF {CVE-2023-53259} - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() {CVE-2024-58014} - isofs: Prevent the use of too small fid {CVE-2025-37780} - net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749} - Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() {CVE-2025-39860} - i40e: Fix potential invalid access when MAC list is empty {CVE-2025-39853} - ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() {CVE-2025-38249} - fbdev: bitblit: bound-check glyph index in bit_putcs* {CVE-2025-40322} - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds {CVE-2025-40304} Important TuxCare License Agreement CVE-2025-21772 CVE-2025-39911 CVE-2025-40304 CVE-2024-53237 CVE-2025-40322 CVE-2025-39853 CVE-2025-39973 CVE-2025-37749 CVE-2025-39860 CVE-2025-38102 CVE-2025-37923 CVE-2025-38724 CVE-2025-37780 CVE-2025-40248 CVE-2025-40277 CVE-2024-58014 CVE-2023-53259 CVE-2025-39993 CVE-2025-38249 CVE-2025-40240 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-12084: fix quadratic algorithm when building nested XML elements with appendChild Moderate TuxCare License Agreement CVE-2025-12084 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-25797: fix PostScript/HTML code injection via unsanitized filenames - CVE-2026-25982: fix heap out-of-bounds read in DICOM colormap decoder - CVE-2026-25968: fix stack buffer overflow in MSL opacity attribute processing - CVE-2026-25986: fix heap buffer overflow write in YUV 4:2:2 decoder - CVE-2026-25987: fix heap buffer over-read in MAP image decoder - CVE-2026-25970: fix signed integer overflow in SIXEL decoder - CVE-2026-23952: fix NULL pointer dereference in MSL comment/label handlers - CVE-2026-30883: fix heap buffer overflow in PNG profile writer - CVE-2026-25988: fix MSL stack index not updated causing memory leak - CVE-2026-27798: fix heap buffer over-read in WaveletDenoiseImage - CVE-2026-25965: fix path traversal bypassing security policy Critical TuxCare License Agreement CVE-2026-25970 CVE-2026-25986 CVE-2026-30883 CVE-2026-25968 CVE-2026-23952 CVE-2026-25987 CVE-2026-25797 CVE-2026-27798 CVE-2026-25988 CVE-2026-25965 CVE-2026-25982 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - Fix CVE-2026-25210: integer overflow in doContent tag buffer reallocation Important TuxCare License Agreement CVE-2026-25210 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-25983: fix use-after-free in MSL decoder repage/roll handlers Critical TuxCare License Agreement CVE-2026-25971 CVE-2026-25983 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-5222: Fix stack buffer overflow in addTag handling that allowed subtag struct overflow leading to memory corruption and local arbitrary code execution Important TuxCare License Agreement CVE-2025-5222 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-28417: fix OS command injection in netrw plugin via crafted scp:// URIs by adding strict RFC1123 hostname validation and using shellescape() for hostname and port values. - CVE-2026-28421: fix heap-buffer-overflow and SEGV in swap file recovery by adding bounds checks on pe_page_count, pe_bnum, pe_old_lnum and pe_line_count before descending into the block tree. Important TuxCare License Agreement CVE-2026-28417 CVE-2026-28421 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-15367: reject control characters in POP3 commands to prevent command injection Important TuxCare License Agreement CVE-2025-15367 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2018-20685: fix a vulnerability scp client where a malicious server could bypass intended access restrictions and modify target directory permissions via crafted filenames - CVE-2019-6109: fix scp client where a malicious server could manipulate the client's progress display output due to missing character encoding - CVE-2019-6111: fix scp client vulnerability that allowed a malicious server to overwrite arbitrary files in the client's target directory, including subdirectories, when performing transfers Moderate TuxCare License Agreement CVE-2019-6111 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-15366: reject control characters in IMAP commands Important TuxCare License Agreement CVE-2025-15366 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-33526: fix heap use-after-free due to double rfc1738_escape in ICP error handling - CVE-2026-33515: fix validation of ICP packet sizes and URLs to prevent out-of-bounds reads - CVE-2026-32748: fix HttpRequest use-after-free in ICP v3 query handling Low TuxCare License Agreement CVE-2026-33526 CVE-2026-32748 CVE-2026-33515 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-15366: reject control characters in IMAP commands to prevent command injection Important TuxCare License Agreement CVE-2025-15366 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDoubleToLong - CVE-2026-25985: fix memory allocation without limits in SVG decoder - CVE-2026-24485: fix infinite loop in PCD decoder - CVE-2025-66628: fix integer overflow in TIM decoder on 32-bit systems - CVE-2026-28693: fix integer overflow in DIB/BMP coder Important TuxCare License Agreement CVE-2026-24485 CVE-2026-28691 CVE-2026-25985 CVE-2025-66628 CVE-2026-28494 CVE-2026-25989 CVE-2026-28693 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-15367: reject control characters in POP3 commands to prevent command injection via newlines Important TuxCare License Agreement CVE-2025-15367 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - ovl: Filter invalid inodes with missing lookup function {CVE-2024-56570} - ALSA: aloop: Fix racy access at PCM trigger {CVE-2026-23191} - media: imon: reorganize serialization {CVE-2025-39993} - usb: xhci: Fix inverted ring_xrun_event check in handle_tx_event() {CVE-2025-37882} - Revert "VFS: Impose ordering on accesses of d_inode and d_flags" - Revert "VFS: Combine inode checks with d_is_negative() and d_is_positive() in pathwalk" - Revert "namei: d_is_negative() should be checked before ->d_seq validation" - Revert "namei: results of d_is_negative() should be checked after dentry revalidation" - Revert "namei: ->d_inode of a pinned dentry is stable only for positives" - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() {CVE-2026-23193} - net/sched: cls_u32: use skb_header_pointer_careful() {CVE-2026-23204} - net: add skb_header_pointer_careful() helper {CVE-2026-23204} - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() {CVE-2026-23089} - NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid {CVE-2025-68349} - net/sched: Enforce that teql can only be used as root qdisc {CVE-2026-23074} Important TuxCare License Agreement CVE-2026-23089 CVE-2026-23204 CVE-2026-23074 CVE-2026-23191 CVE-2024-56570 CVE-2025-68349 CVE-2026-23193 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() {CVE-2026-23089} - HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556} - KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory {CVE-2024-50115} - KVM: x86: Reset IRTE to host control if *new* route isn't postable {CVE-2025-37885} - NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945} - NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid {CVE-2025-68349} - Revert "IB/core: Implement clear counters" - Revert "IB/mlx5: Implement clear counters" - Revert "ib/core: add SET_DEVICE_OP call for clear_hw_stats()" - Revert "perf/x86: Always store regs->ip in perf_callchain_kernel()" - Revert "xfrm: destroy xfrm_state synchronously on net exit path" - bpf, sockmap: Fix race between element replace and close() {CVE-2024-56664} - can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak {CVE-2026-23061} - crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec {CVE-2026-23060} - crypto: lzo - Fix compression buffer overrun {CVE-2025-38068} - drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731} - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724} - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991} - ext4/jbd2: skip sb flush when EIO happened - ext4: save the error code which triggered an - fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940} - fs: proc: inode: delay put_pid() by RCU - fs: writeback: fix use-after-free in __mark_inode_dirty() {CVE-2025-39866} - genirq/cpuhotplug: Notify about affinity changes breaking the affinity mask - io_uring: fix filename leak in __io_openat_prep() {CVE-2025-68814} - jbd2: store more accurate errno in superblock - libceph: fix potential use-after-free in have_mon_and_osd_map() {CVE-2025-68285} - libceph: make free_choose_arg_map() resilient to partial allocation {CVE-2026-22991} - macvlan: Add nodst option to macvlan type source - macvlan: Use 'hash' iterators to simplify code - macvlan: fix error recovery in macvlan_common_newlink() {CVE-2026-23209} - macvlan: fix possible UAF in macvlan_forward_source() {CVE-2026-23001} - macvlan: observe an RCU grace period in macvlan_common_newlink() error path {CVE-2026-23273} - media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900} - mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745} - net/sched: sch_qfq: do not free existing class in qfq_change_class() {CVE-2026-22999} - net: sock: fix hardened usercopy panic in sock_recv_errqueue {CVE-2026-22977} - net: usb: rtl8150: fix memory leak on usb_submit_urb() failure {CVE-2025-71154} - rds: Add state field to RDS trace logs. - rds: Drop rds conn in connect worker if not in down state. - scsi: mpi3mr: Sanitise num_phys {CVE-2024-42159} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() {CVE-2026-23193} - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073} - usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760} - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint {CVE-2025-22083} - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929} - xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added {CVE-2025-40256} - xfrm: delete x->tunnel as we delete x {CVE-2025-40215} - xfrm: flush all states in xfrm_state_fini Important TuxCare License Agreement CVE-2026-23089 CVE-2025-39866 CVE-2026-22999 CVE-2024-49991 CVE-2024-47745 CVE-2024-50115 CVE-2025-68285 CVE-2024-44940 CVE-2024-43900 CVE-2024-50073 CVE-2026-22977 CVE-2024-46724 CVE-2025-37885 CVE-2026-23061 CVE-2024-46731 CVE-2025-38068 CVE-2026-22991 CVE-2026-23060 CVE-2025-38556 CVE-2025-39760 CVE-2025-71154 CVE-2024-40929 CVE-2025-68349 CVE-2024-42159 CVE-2024-56664 CVE-2025-22083 CVE-2026-23193 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2025-5244: fix NULL deref in elf_gc_sweep with empty groups - CVE-2025-5245: fix SEGV in debug_type_samep - CVE-2026-3441 CVE-2026-3442: fix out-of-bounds read in XCOFF relocation processing Important TuxCare License Agreement CVE-2026-3442 CVE-2025-5244 CVE-2026-3441 CVE-2025-5245 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2023-45539: reject '#' as part of the URI to prevent ACL bypass via path_end rules Important TuxCare License Agreement CVE-2023-45539 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2022-3970: fix integer overflow in TIFFReadRGBATileExt on strips/tiles > 2 GB - CVE-2022-0891: fix heap buffer overflow in extractImageSection in tiffcrop Important TuxCare License Agreement CVE-2022-3970 CVE-2022-0891 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2026-32636: fix out-of-bounds write in NewXMLTree/ConvertUTF16ToUTF8 Important TuxCare License Agreement CVE-2026-32636 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2022-4904: fix stack overflow in ares_set_sortlist due to missing input validation Important TuxCare License Agreement CVE-2022-4904 cpe:/o:oracle:linux:7:9:server Oracle Linux 7 - CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent O(n^2) parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs (entity expansion bomb) attack protection with amplification limit (100x max, 8 MiB activation threshold); includes fix for isolated external parser bypass (CVE-2024-28757) - CVE-2024-28757: add billion laughs (entity expansion bomb) attack protection with amplification limit (100x max, 8 MiB activation threshold); includes fix for isolated external parser bypass (CVE-2024-28757) Important TuxCare License Agreement CVE-2023-52425 CVE-2024-28757 CVE-2013-0340 CVE-2017-9233 cpe:/o:oracle:linux:7:9:server /etc/els-release Oracle Linux Server release 7\.9 \(ELS by TuxCare\) 1 expat expat-devel expat-static wget php php-bcmath php-cli php-common php-dba php-devel php-embedded php-enchant php-fpm php-gd php-intl php-ldap php-mbstring php-mysql php-mysqlnd php-odbc php-pdo php-pgsql php-process php-pspell php-recode php-snmp php-soap php-xml php-xmlrpc nettle nettle-devel python python-debug python-devel python-libs python-test python-tools tkinter gnutls gnutls-c++ gnutls-dane gnutls-devel gnutls-utils libxml2 libxml2-devel libxml2-python libxml2-static python3 python3-debug python3-devel python3-idle python3-libs python3-test python3-tkinter rsync bind bind-chroot bind-devel bind-export-devel bind-export-libs bind-libs bind-libs-lite bind-license bind-lite-devel bind-pkcs11 bind-pkcs11-devel bind-pkcs11-libs bind-pkcs11-utils bind-sdb bind-sdb-chroot bind-utils binutils binutils-devel httpd httpd-devel httpd-manual httpd-tools mod_ldap mod_proxy_html mod_session mod_ssl bpftool kernel kernel-debug kernel-debug-devel kernel-devel kernel-headers kernel-tools kernel-tools-libs kernel-tools-libs-devel perf python-perf grub2 grub2-common grub2-efi-ia32 grub2-efi-ia32-cdboot grub2-efi-ia32-modules grub2-efi-x64 grub2-efi-x64-cdboot grub2-efi-x64-modules grub2-pc grub2-pc-modules grub2-tools grub2-tools-extra grub2-tools-minimal openssh openssh-askpass openssh-cavs openssh-clients openssh-keycat openssh-ldap openssh-server openssh-server-sysvinit pam_ssh_agent_auth libsoup libsoup-devel libvirt libvirt-admin libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt-daemon-driver-interface libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-kvm libvirt-daemon-lxc libvirt-devel libvirt-docs libvirt-libs libvirt-lock-sanlock libvirt-login-shell libvirt-nss kernel-uek kernel-uek-container kernel-uek-container-debug kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-headers kernel-uek-tools cpp gcc gcc-c++ gcc-gfortran gcc-gnat gcc-go gcc-objc gcc-objc++ gcc-plugin-devel libasan libasan-static libatomic libatomic-static libgcc libgfortran libgfortran-static libgnat libgnat-devel libgnat-static libgo libgo-devel libgo-static libgomp libitm libitm-devel libitm-static libmudflap libmudflap-devel libmudflap-static libobjc libquadmath libquadmath-devel libquadmath-static libstdc++ libstdc++-devel libstdc++-docs libstdc++-static libtsan libtsan-static java-1.8.0-openjdk java-1.8.0-openjdk-accessibility java-1.8.0-openjdk-accessibility-debug java-1.8.0-openjdk-debug java-1.8.0-openjdk-demo java-1.8.0-openjdk-demo-debug java-1.8.0-openjdk-devel java-1.8.0-openjdk-devel-debug java-1.8.0-openjdk-headless java-1.8.0-openjdk-headless-debug java-1.8.0-openjdk-javadoc java-1.8.0-openjdk-javadoc-debug java-1.8.0-openjdk-javadoc-zip java-1.8.0-openjdk-javadoc-zip-debug java-1.8.0-openjdk-src java-1.8.0-openjdk-src-debug pam pam-devel freetype freetype-demos freetype-devel sudo sudo-devel emacs-git emacs-git-el git git-all git-bzr git-cvs git-daemon git-email git-gnome-keyring git-gui git-hg git-instaweb git-p4 git-svn gitk gitweb perl-Git perl-Git-SVN lemon sqlite sqlite-devel sqlite-doc sqlite-tcl mod_dav_svn subversion subversion-devel subversion-gnome subversion-javahl subversion-kde subversion-libs subversion-perl subversion-python subversion-ruby subversion-tools squid squid-migration-script squid-sysvinit libxslt libxslt-devel libxslt-python minizip minizip-devel zlib zlib-devel zlib-static glibc glibc-common glibc-devel glibc-headers glibc-static glibc-utils nscd microcode_ctl glib2 glib2-devel glib2-doc glib2-fam glib2-static glib2-tests krb5-devel krb5-libs krb5-pkinit krb5-server krb5-server-ldap krb5-workstation libkadm5 libtiff libtiff-devel libtiff-static libtiff-tools vim-X11 vim-common vim-enhanced vim-filesystem vim-minimal openssl openssl-devel openssl-libs openssl-perl openssl-static jasper jasper-devel jasper-libs jasper-utils libndp libndp-devel xorg-x11-server-Xdmx xorg-x11-server-Xephyr xorg-x11-server-Xnest xorg-x11-server-Xorg xorg-x11-server-Xvfb xorg-x11-server-Xwayland xorg-x11-server-common xorg-x11-server-devel xorg-x11-server-source tigervnc tigervnc-icons tigervnc-license tigervnc-server tigervnc-server-applet tigervnc-server-minimal tigervnc-server-module python3-setuptools cups cups-client cups-devel cups-filesystem cups-ipptool cups-libs cups-lpd gdk-pixbuf2 gdk-pixbuf2-devel gdk-pixbuf2-tests libipa_hbac libipa_hbac-devel libsss_autofs libsss_certmap libsss_certmap-devel libsss_idmap libsss_idmap-devel libsss_nss_idmap libsss_nss_idmap-devel libsss_simpleifp libsss_simpleifp-devel libsss_sudo python-libipa_hbac python-libsss_nss_idmap python-sss python-sss-murmur python-sssdconfig sssd sssd-ad sssd-client sssd-common sssd-common-pac sssd-dbus sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap sssd-libwbclient sssd-libwbclient-devel sssd-polkit-rules sssd-proxy sssd-tools sssd-winbind-idmap python-setuptools bsdcpio bsdtar libarchive libarchive-devel perl-FCGI gstreamer1 gstreamer1-devel gstreamer1-devel-docs libblockdev libblockdev-btrfs libblockdev-btrfs-devel libblockdev-crypto libblockdev-crypto-devel libblockdev-devel libblockdev-dm libblockdev-dm-devel libblockdev-fs libblockdev-fs-devel libblockdev-kbd libblockdev-kbd-devel libblockdev-loop libblockdev-loop-devel libblockdev-lvm libblockdev-lvm-devel libblockdev-mdraid libblockdev-mdraid-devel libblockdev-mpath libblockdev-mpath-devel libblockdev-nvdimm libblockdev-nvdimm-devel libblockdev-part libblockdev-part-devel libblockdev-plugins-all libblockdev-swap libblockdev-swap-devel libblockdev-utils libblockdev-utils-devel libblockdev-vdo libblockdev-vdo-devel python2-blockdev gstreamer1-plugins-base gstreamer1-plugins-base-devel gstreamer1-plugins-base-devel-docs gstreamer1-plugins-base-tools gstreamer1-plugins-good emacs emacs-common emacs-el emacs-filesystem emacs-nox emacs-terminal mpfr mpfr-devel libudisks2 libudisks2-devel udisks2 udisks2-iscsi udisks2-lsm udisks2-lvm2 unbound unbound-devel unbound-libs unbound-python python-jinja2 postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-libs postgresql-plperl postgresql-plpython postgresql-pltcl postgresql-server postgresql-static postgresql-test postgresql-upgrade ImageMagick ImageMagick-c++ ImageMagick-c++-devel ImageMagick-devel ImageMagick-doc ImageMagick-perl libpng libpng-devel libpng-static perl perl-CPAN perl-ExtUtils-CBuilder perl-ExtUtils-Embed perl-ExtUtils-Install perl-IO-Zlib perl-Locale-Maketext-Simple perl-Module-CoreList perl-Module-Loaded perl-Object-Accessor perl-Package-Constants perl-Pod-Escapes perl-Time-Piece perl-core perl-devel perl-libs perl-macros perl-tests aide mariadb mariadb-bench mariadb-devel mariadb-embedded mariadb-embedded-devel mariadb-libs mariadb-server mariadb-test gnupg2 gnupg2-smime net-snmp net-snmp-agent-libs net-snmp-devel net-snmp-gui net-snmp-libs net-snmp-perl net-snmp-python net-snmp-sysvinit net-snmp-utils python-virtualenv iwl100-firmware iwl1000-firmware iwl105-firmware iwl135-firmware iwl2000-firmware iwl2030-firmware iwl3160-firmware iwl3945-firmware iwl4965-firmware iwl5000-firmware iwl5150-firmware iwl6000-firmware iwl6000g2a-firmware iwl6000g2b-firmware iwl6050-firmware iwl7260-firmware iwlax2xx-firmware linux-firmware linux-nano-firmware icu libicu libicu-devel libicu-doc haproxy c-ares c-ares-devel i686|x86_64 0:2.1.0-15.0.1.el7_9.tuxcare.els1 72f97b74ec551f03 d07bf2a08d50eb66 x86_64 0:1.14-18.el7_6.1.tuxcare.els1 x86_64 0:5.4.16-48.el7.tuxcare.els6 i686|x86_64 0:2.7.1-9.el7_9.tuxcare.els1 x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els1 i686|x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els1 i686|x86_64 0:3.3.29-9.el7_6.tuxcare.els1 x86_64 0:3.3.29-9.el7_6.tuxcare.els1 i686|x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els1 x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els1 i686|x86_64 0:3.6.8-21.0.1.el7_9.tuxcare.els1 x86_64 0:3.1.2-12.el7_9.tuxcare.els2 x86_64 0:3.1.2-12.el7_9.tuxcare.els3 x86_64 0:3.1.2-12.el7_9.tuxcare.els4 i686|x86_64 0:3.6.8-21.0.1.el7_9.tuxcare.els2 i686|x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els2 x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els2 x86_64 32:9.11.4-26.0.1.P2.el7_9.16.tuxcare.els1 i686|x86_64 32:9.11.4-26.0.1.P2.el7_9.16.tuxcare.els1 32:9.11.4-26.0.1.P2.el7_9.16.tuxcare.els1 x86_64 0:2.27-44.base.0.3.el7_9.1.tuxcare.els1 i686|x86_64 0:2.27-44.base.0.3.el7_9.1.tuxcare.els1 x86_64 0:2.4.6-99.0.5.el7_9.1.tuxcare.els1 0:2.4.6-99.0.5.el7_9.1.tuxcare.els1 x86_64 1:2.4.6-99.0.5.el7_9.1.tuxcare.els1 ^((?!uek).)*$ (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[2-9]\d)(?:\.\d+)*|1160\.119\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.119\.1\.(?:\d{2,}|[1-9])(?:\.\d+)*|1160\.119\.1\.0\.(?:\d{2,}|[6-9])(?:\.\d+)*|1160\.119\.1\.0\.5\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.119\.1\.0\.5)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{3,}|[2-9]\d|1[8-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.119.1.0.5.el7.tuxcare.els18 x86_64 1:2.02-0.87.0.26.el7_9.14.tuxcare.els1 1:2.02-0.87.0.26.el7_9.14.tuxcare.els1 x86_64 0:7.4p1-23.0.3.el7_9.tuxcare.els1 i686|x86_64 0:0.10.3-2.23.0.3.el7_9.tuxcare.els1 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[2-9]\d)(?:\.\d+)*|1160\.119\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.119\.1\.(?:\d{2,}|[1-9])(?:\.\d+)*|1160\.119\.1\.0\.(?:\d{2,}|[6-9])(?:\.\d+)*|1160\.119\.1\.0\.5\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.119\.1\.0\.5)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{3,}|[2-9]\d|19))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.119.1.0.5.el7.tuxcare.els19 x86_64 1:2.02-0.87.0.26.el7_9.14.tuxcare.els4 1:2.02-0.87.0.26.el7_9.14.tuxcare.els4 i686|x86_64 0:2.62.2-2.0.1.el7.tuxcare.els3 x86_64 0:4.5.0-36.el7_9.5.tuxcare.els1 i686|x86_64 0:4.5.0-36.el7_9.5.tuxcare.els1 uek (^5\.4\.17\-((?:(?:\d{5,}|[3-9]\d{3}|2[2-9]\d{2}|21[4-9]\d|213[7-9])(?:\.\d+)*|2136\.(?:\d{4,}|[4-9]\d{2}|3[4-9]\d|339)(?:\.\d+)*|2136\.338\.(?:\d{2,}|[5-9])(?:\.\d+)*|2136\.338\.4\.(?:\d{2,}|[3-9])(?:\.\d+)*|2136\.338\.4\.2\.\d+(?:\.\d+)*)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:2136\.338\.4\.2)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[1-9]))?\.(?:x86_64|i686))$) x86_64 0:5.4.17-2136.338.4.2.el7uek.tuxcare.els1 i686|x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els4 x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els4 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[2-9]\d)(?:\.\d+)*|1160\.119\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.119\.1\.(?:\d{2,}|[1-9])(?:\.\d+)*|1160\.119\.1\.0\.(?:\d{2,}|[6-9])(?:\.\d+)*|1160\.119\.1\.0\.5\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.119\.1\.0\.5)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{3,}|[3-9]\d|2[0-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20 x86_64 0:5.4.16-48.el7.tuxcare.els9 x86_64 0:4.8.5-44.0.3.el7.tuxcare.els1 i686|x86_64 0:4.8.5-44.0.3.el7.tuxcare.els1 x86_64 1:1.8.0.452.b09-1.el7_9.tuxcare.els1 1:1.8.0.452.b09-1.el7_9.tuxcare.els1 i686|x86_64 0:1.1.8-23.0.1.el7.tuxcare.els1 x86_64 0:7.4p1-23.0.3.el7_9.tuxcare.els2 i686|x86_64 0:0.10.3-2.23.0.3.el7_9.tuxcare.els2 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[2-9]\d)(?:\.\d+)*|1160\.119\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.119\.1\.(?:\d{2,}|[1-9])(?:\.\d+)*|1160\.119\.1\.0\.(?:\d{2,}|[6-9])(?:\.\d+)*|1160\.119\.1\.0\.5\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.119\.1\.0\.5)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{3,}|[3-9]\d|2[1-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.119.1.0.5.el7.tuxcare.els21 i686|x86_64 0:2.8-14.el7_9.1.tuxcare.els2 x86_64 0:2.8-14.el7_9.1.tuxcare.els2 x86_64 0:1.8.23-10.el7_9.3.tuxcare.els3 i686|x86_64 0:1.8.23-10.el7_9.3.tuxcare.els3 i686|x86_64 0:2.62.2-2.0.1.el7.tuxcare.els4 0:1.8.3.1-25.el7_9.tuxcare.els4 x86_64 0:1.8.3.1-25.el7_9.tuxcare.els4 i686|x86_64 0:2.62.2-2.0.1.el7.tuxcare.els5 i686|x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els5 x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els5 x86_64 0:5.4.16-48.el7.tuxcare.els10 x86_64 0:5.4.16-48.el7.tuxcare.els11 x86_64 1:1.8.0.462.b08-1.el7_9.tuxcare.els1 1:1.8.0.462.b08-1.el7_9.tuxcare.els1 x86_64 0:3.7.17-8.el7_7.1.tuxcare.els2 i686|x86_64 0:3.7.17-8.el7_7.1.tuxcare.els2 0:3.7.17-8.el7_7.1.tuxcare.els2 x86_64 0:5.4.16-48.el7.tuxcare.els12 x86_64 0:1.7.14-16.el7.tuxcare.els1 i686|x86_64 0:1.7.14-16.el7.tuxcare.els1 0:1.8.3.1-25.el7_9.tuxcare.els5 x86_64 0:1.8.3.1-25.el7_9.tuxcare.els5 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[2-9]\d)(?:\.\d+)*|1160\.119\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.119\.1\.(?:\d{2,}|[1-9])(?:\.\d+)*|1160\.119\.1\.0\.(?:\d{2,}|[6-9])(?:\.\d+)*|1160\.119\.1\.0\.5\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.119\.1\.0\.5)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{3,}|[3-9]\d|2[2-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.119.1.0.5.el7.tuxcare.els22 x86_64 0:5.4.16-48.el7.tuxcare.els13 x86_64 7:3.5.20-17.0.5.el7_9.13.tuxcare.els1 i686|x86_64 0:1.1.28-6.0.1.el7.tuxcare.els3 x86_64 0:1.1.28-6.0.1.el7.tuxcare.els3 x86_64 7:3.5.20-17.0.5.el7_9.13.tuxcare.els2 i686|x86_64 0:1.2.7-21.el7_9.tuxcare.els2 i686|x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els7 x86_64 0:2.9.1-6.0.3.el7_9.6.tuxcare.els7 i686|x86_64 0:1.1.8-23.0.1.el7.tuxcare.els2 i686|x86_64 0:2.17-326.0.9.el7_9.3.tuxcare.els1 x86_64 0:2.17-326.0.9.el7_9.3.tuxcare.els1 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[2-9]\d)(?:\.\d+)*|1160\.119\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.119\.1\.(?:\d{2,}|[1-9])(?:\.\d+)*|1160\.119\.1\.0\.(?:\d{2,}|[6-9])(?:\.\d+)*|1160\.119\.1\.0\.5\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.119\.1\.0\.5)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{3,}|[3-9]\d|2[4-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.119.1.0.5.el7.tuxcare.els24 (^5\.4\.17\-((?:(?:\d{5,}|[3-9]\d{3}|2[2-9]\d{2}|21[4-9]\d|213[7-9])(?:\.\d+)*|2136\.(?:\d{4,}|[4-9]\d{2}|3[4-9]\d|339)(?:\.\d+)*|2136\.338\.(?:\d{2,}|[5-9])(?:\.\d+)*|2136\.338\.4\.(?:\d{2,}|[3-9])(?:\.\d+)*|2136\.338\.4\.2\.\d+(?:\.\d+)*)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:2136\.338\.4\.2)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[3-9]))?\.(?:x86_64|i686))$) x86_64 0:5.4.17-2136.338.4.2.el7uek.tuxcare.els3 x86_64 0:5.4.16-48.el7.tuxcare.els14 (^5\.4\.17\-((?:(?:\d{5,}|[3-9]\d{3}|2[2-9]\d{2}|21[4-9]\d|213[7-9])(?:\.\d+)*|2136\.(?:\d{4,}|[4-9]\d{2}|3[4-9]\d|339)(?:\.\d+)*|2136\.338\.(?:\d{2,}|[5-9])(?:\.\d+)*|2136\.338\.4\.(?:\d{2,}|[3-9])(?:\.\d+)*|2136\.338\.4\.2\.\d+(?:\.\d+)*)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:2136\.338\.4\.2)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[2-9]))?\.(?:x86_64|i686))$) x86_64 0:5.4.17-2136.338.4.2.el7uek.tuxcare.els2 i686|x86_64 0:3.3.29-9.el7_6.tuxcare.els2 x86_64 0:3.3.29-9.el7_6.tuxcare.els2 x86_64 0:2.4.6-99.0.5.el7_9.1.tuxcare.els6 0:2.4.6-99.0.5.el7_9.1.tuxcare.els6 x86_64 1:2.4.6-99.0.5.el7_9.1.tuxcare.els6 x86_64 2:2.1-73.20.0.2.el7_9.tuxcare.els1 i686|x86_64 0:2.56.1-9.el7_9.tuxcare.els3 0:2.56.1-9.el7_9.tuxcare.els3 x86_64 0:2.56.1-9.el7_9.tuxcare.els3 i686|x86_64 0:2.17-326.0.9.el7_9.3.tuxcare.els2 x86_64 0:2.17-326.0.9.el7_9.3.tuxcare.els2 x86_64 0:5.4.16-48.el7.tuxcare.els15 0:1.8.3.1-25.el7_9.tuxcare.els6 x86_64 0:1.8.3.1-25.el7_9.tuxcare.els6 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[2-9]\d)(?:\.\d+)*|1160\.119\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.119\.1\.(?:\d{2,}|[1-9])(?:\.\d+)*|1160\.119\.1\.0\.(?:\d{2,}|[6-9])(?:\.\d+)*|1160\.119\.1\.0\.5\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.119\.1\.0\.5)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{3,}|[3-9]\d|2[5-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.119.1.0.5.el7.tuxcare.els25 i686|x86_64 0:1.15.1-55.0.7.el7_9.99.tuxcare.els1 x86_64 0:1.15.1-55.0.7.el7_9.99.tuxcare.els1 i686|x86_64 0:3.6.8-21.0.1.el7_9.tuxcare.els3 i686|x86_64 0:4.0.3-35.el7.tuxcare.els5 x86_64 0:4.0.3-35.el7.tuxcare.els5 x86_64 2:7.4.629-8.0.1.el7_9.tuxcare.els1 x86_64 1:1.0.2k-26.el7_9.tuxcare.els6 i686|x86_64 1:1.0.2k-26.el7_9.tuxcare.els6 x86_64 0:1.900.1-33.el7.tuxcare.els2 i686|x86_64 0:1.900.1-33.el7.tuxcare.els2 i686|x86_64 0:1.2-10.0.1.el7_9.tuxcare.els1 x86_64 0:1.20.4-99.el7_9.tuxcare.els7 i686|x86_64 0:1.20.4-99.el7_9.tuxcare.els7 0:1.20.4-99.el7_9.tuxcare.els7 x86_64 0:1.8.0-33.0.7.el7_9.tuxcare.els1 0:1.8.0-33.0.7.el7_9.tuxcare.els1 i686|x86_64 0:3.6.8-21.0.5.el7_9.tuxcare.els1 0:39.2.0-10.0.5.el7.tuxcare.els1 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[4-9]\d)(?:\.\d+)*|1160\.139\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.139\.1\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.139\.1)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[2-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.139.1.el7.tuxcare.els2 x86_64 1:1.6.3-52.el7_9.tuxcare.els2 i686|x86_64 1:1.6.3-52.el7_9.tuxcare.els2 1:1.6.3-52.el7_9.tuxcare.els2 x86_64 1:1.6.3-52.el7_9.tuxcare.els3 i686|x86_64 1:1.6.3-52.el7_9.tuxcare.els3 1:1.6.3-52.el7_9.tuxcare.els3 i686|x86_64 0:4.0.3-35.el7.tuxcare.els6 x86_64 0:4.0.3-35.el7.tuxcare.els6 x86_64 0:3.1.2-12.0.1.el7_9.tuxcare.els2 i686|x86_64 0:3.6.8-21.0.5.el7_9.tuxcare.els2 x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els2 i686|x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els2 i686|x86_64 0:2.36.12-3.el7.tuxcare.els1 x86_64 0:2.36.12-3.el7.tuxcare.els1 i686|x86_64 0:1.16.5-10.0.3.el7_9.16.tuxcare.els1 x86_64 0:1.16.5-10.0.3.el7_9.16.tuxcare.els1 0:1.16.5-10.0.3.el7_9.16.tuxcare.els1 0:0.9.8-7.0.1.el7.tuxcare.els1 (^5\.4\.17\-((?:(?:\d{5,}|[3-9]\d{3}|2[2-9]\d{2}|21[4-9]\d|213[7-9])(?:\.\d+)*|2136\.(?:\d{4,}|[4-9]\d{2}|3[4-9]\d|339)(?:\.\d+)*|2136\.338\.(?:\d{2,}|[5-9])(?:\.\d+)*|2136\.338\.4\.(?:\d{2,}|[3-9])(?:\.\d+)*|2136\.338\.4\.2\.\d+(?:\.\d+)*)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:2136\.338\.4\.2)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[4-9]))?\.(?:x86_64|i686))$) x86_64 0:5.4.17-2136.338.4.2.el7uek.tuxcare.els4 x86_64 7:3.5.20-17.0.5.el7_9.99.tuxcare.els2 x86_64 0:3.1.2-14.el7_7.tuxcare.els2 i686|x86_64 0:3.1.2-14.el7_7.tuxcare.els2 x86_64 1:0.74-8.el7.tuxcare.els1 i686|x86_64 0:1.10.4-2.el7.tuxcare.els1 0:1.10.4-2.el7.tuxcare.els1 i686|x86_64 0:2.18-5.el7.tuxcare.els1 x86_64 0:2.18-5.el7.tuxcare.els1 i686|x86_64 0:1.10.4-2.el7.tuxcare.els3 0:1.10.4-2.el7.tuxcare.els3 x86_64 0:1.10.4-2.el7.tuxcare.els3 i686|x86_64 0:2.62.2-2.0.5.el7.tuxcare.els2 i686|x86_64 0:1.10.4-2.el7.tuxcare.els2 x86_64 0:3.1.2-14.el7_7.tuxcare.els3 i686|x86_64 0:3.1.2-14.el7_7.tuxcare.els3 x86_64 1:24.3-23.0.1.el7_9.1.tuxcare.els1 1:24.3-23.0.1.el7_9.1.tuxcare.els1 i686|x86_64 0:3.1.1-4.0.1.el7.tuxcare.els1 i686|x86_64 0:2.8.4-1.el7.tuxcare.els1 x86_64 0:2.8.4-1.el7.tuxcare.els1 x86_64 0:1.8.0-33.0.7.el7_9.tuxcare.els2 0:1.8.0-33.0.7.el7_9.tuxcare.els2 x86_64 0:1.20.4-99.el7_9.tuxcare.els8 i686|x86_64 0:1.20.4-99.el7_9.tuxcare.els8 0:1.20.4-99.el7_9.tuxcare.els8 i686|x86_64 1:1.8.0.472.b08-1.el7_9.tuxcare.els1 1:1.8.0.472.b08-1.el7_9.tuxcare.els1 x86_64 0:1.6.6-5.el7_8.tuxcare.els3 i686|x86_64 0:1.6.6-5.el7_8.tuxcare.els3 0:2.7.2-4.el7.tuxcare.els1 i686|x86_64 0:9.2.24-9.0.3.el7_9.tuxcare.els1 x86_64 0:9.2.24-9.0.3.el7_9.tuxcare.els1 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els1 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els1 x86_64 0:1.6.6-5.el7_8.tuxcare.els4 i686|x86_64 0:1.6.6-5.el7_8.tuxcare.els4 i686|x86_64 2:1.5.13-8.el7.tuxcare.els1 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[4-9]\d)(?:\.\d+)*|1160\.139\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.139\.1\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.139\.1)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[3-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.139.1.el7.tuxcare.els3 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[4-9]\d)(?:\.\d+)*|1160\.139\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.139\.1\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.139\.1)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[4-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.139.1.el7.tuxcare.els4 x86_64 0:2.4.6-99.0.5.el7_9.1.tuxcare.els7 0:2.4.6-99.0.5.el7_9.1.tuxcare.els7 x86_64 1:2.4.6-99.0.5.el7_9.1.tuxcare.els7 0:1.8.3.1-25.el7_9.tuxcare.els7 x86_64 0:1.8.3.1-25.el7_9.tuxcare.els7 x86_64 4:5.16.3-299.el7_9.tuxcare.els1 0:1.9800-299.el7_9.tuxcare.els1 1:0.28.2.6-299.el7_9.tuxcare.els1 0:1.30-299.el7_9.tuxcare.els1 0:1.58-299.el7_9.tuxcare.els1 1:1.10-299.el7_9.tuxcare.els1 1:0.21-299.el7_9.tuxcare.els1 1:2.76.02-299.el7_9.tuxcare.els1 1:0.08-299.el7_9.tuxcare.els1 1:0.42-299.el7_9.tuxcare.els1 1:0.02-299.el7_9.tuxcare.els1 1:1.04-299.el7_9.tuxcare.els1 x86_64 0:1.20.1-299.el7_9.tuxcare.els1 x86_64 0:5.16.3-299.el7_9.tuxcare.els1 i686|x86_64 4:5.16.3-299.el7_9.tuxcare.els1 0:1.8.3.1-25.el7_9.tuxcare.els9 x86_64 0:1.8.3.1-25.el7_9.tuxcare.els9 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els2 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els2 x86_64 0:0.15.1-13.0.1.el7_9.1.tuxcare.els1 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[5-9]\d|14[3-9])(?:\.\d+)*|1160\.142\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.142\.1\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.142\.1)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[1-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.142.1.el7.tuxcare.els1 i686|x86_64 2:1.5.13-8.el7.tuxcare.els2 x86_64 1:5.5.68-1.el7.tuxcare.els1 i686|x86_64 1:5.5.68-1.el7.tuxcare.els1 x86_64 0:2.0.22-5.el7_5.tuxcare.els1 i686|x86_64 0:2.62.2-2.0.5.el7.tuxcare.els3 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[5-9]\d|14[5-9])(?:\.\d+)*|1160\.144\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.144\.1\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.144\.1)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[1-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.144.1.el7.tuxcare.els1 x86_64 1:5.7.2-49.0.1.el7_9.4.tuxcare.els1 i686|x86_64 1:5.7.2-49.0.1.el7_9.4.tuxcare.els1 i686|x86_64 1:1.8.0.482.b03-1.el7_9.tuxcare.els1 1:1.8.0.482.b03-1.el7_9.tuxcare.els1 (^5\.4\.17\-((?:(?:\d{5,}|[3-9]\d{3}|2[2-9]\d{2}|21[4-9]\d|213[7-9])(?:\.\d+)*|2136\.(?:\d{4,}|[4-9]\d{2}|3[6-9]\d|35[3-9])(?:\.\d+)*|2136\.352\.(?:\d{2,}|[6-9])(?:\.\d+)*|2136\.352\.5\.\d+(?:\.\d+)*)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:2136\.352\.5)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[1-9]))?\.(?:x86_64|i686))$) x86_64 0:5.4.17-2136.352.5.el7uek.tuxcare.els1 i686|x86_64 0:2.56.1-9.el7_9.tuxcare.els4 0:2.56.1-9.el7_9.tuxcare.els4 x86_64 0:2.56.1-9.el7_9.tuxcare.els4 i686|x86_64 0:2.1.0-15.0.1.el7_9.tuxcare.els2 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els3 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els3 x86_64 1:1.0.2k-26.el7_9.tuxcare.els7 i686|x86_64 1:1.0.2k-26.el7_9.tuxcare.els7 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[5-9]\d|14[5-9])(?:\.\d+)*|1160\.144\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.144\.1\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.144\.1)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[2-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.144.1.el7.tuxcare.els2 x86_64 1:2.02-0.87.0.27.el7_9.14.tuxcare.els2 1:2.02-0.87.0.27.el7_9.14.tuxcare.els2 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els4 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els4 i686|x86_64 0:2.62.2-2.0.5.el7.tuxcare.els4 i686|x86_64 0:2.56.1-9.el7_9.tuxcare.els5 0:2.56.1-9.el7_9.tuxcare.els5 x86_64 0:2.56.1-9.el7_9.tuxcare.els5 0:15.1.0-7.el7_9.tuxcare.els1 i686|x86_64 2:1.5.13-8.el7.tuxcare.els3 x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els3 i686|x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els3 x86_64 0:2.4.6-99.0.5.el7_9.1.tuxcare.els8 0:2.4.6-99.0.5.el7_9.1.tuxcare.els8 x86_64 1:2.4.6-99.0.5.el7_9.1.tuxcare.els8 999:39.31.5.1-999.41.el7.tuxcare.els3 999:18.168.6.1-999.41.el7.tuxcare.els3 999:22.0.7.0-999.41.el7.tuxcare.els3 999:15.32.2.9-999.41.el7.tuxcare.els3 999:228.61.2.24-999.41.el7.tuxcare.els3 999:8.83.5.1_1-999.41.el7.tuxcare.els3 999:8.24.2.2-999.41.el7.tuxcare.els3 999:9.221.4.1-999.41.el7.tuxcare.els3 999:17.168.5.3-999.41.el7.tuxcare.els3 999:17.168.5.2-999.41.el7.tuxcare.els3 999:41.28.5.1-999.41.el7.tuxcare.els3 999:20250611-999.41.el7.tuxcare.els3 999:20250611-999.41.git356f06bf.el7.tuxcare.els3 i686|x86_64 0:1.2.7-21.0.1.el7_9.tuxcare.els2 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els5 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els5 i686|x86_64 0:4.0.3-35.el7.tuxcare.els7 x86_64 0:4.0.3-35.el7.tuxcare.els7 i686|x86_64 0:3.6.8-21.0.5.el7_9.tuxcare.els3 x86_64 2:7.4.629-8.0.1.el7_9.tuxcare.els2 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[5-9]\d|14[5-9])(?:\.\d+)*|1160\.144\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.144\.1\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.144\.1)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[3-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.144.1.el7.tuxcare.els3 x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els4 i686|x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els4 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els6 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els6 i686|x86_64 0:2.1.0-15.0.1.el7_9.tuxcare.els3 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els8 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els8 x86_64 0:50.2-4.el7_7.tuxcare.els1 i686|x86_64 0:50.2-4.el7_7.tuxcare.els1 0:50.2-4.el7_7.tuxcare.els1 x86_64 2:7.4.629-8.0.1.el7_9.tuxcare.els3 i686|x86_64 0:3.6.8-21.0.5.el7_9.tuxcare.els4 x86_64 0:7.4p1-23.0.3.el7_9.tuxcare.els3 i686|x86_64 0:0.10.3-2.23.0.3.el7_9.tuxcare.els3 i686|x86_64 0:3.6.8-21.0.5.el7_9.tuxcare.els5 x86_64 7:3.5.20-17.0.5.el7_9.99.tuxcare.els4 x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els5 i686|x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els5 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els9 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els9 x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els6 i686|x86_64 0:2.7.5-94.0.1.el7_9.tuxcare.els6 (^3\.10\.0\-((?:(?:\d{5,}|[2-9]\d{3}|1[2-9]\d{2}|11[7-9]\d|116[1-9])(?:\.\d+)*|1160\.(?:\d{4,}|[2-9]\d{2}|1[5-9]\d|14[5-9])(?:\.\d+)*|1160\.144\.(?:\d{2,}|[2-9])(?:\.\d+)*|1160\.144\.1\.\d+(?:\.\d+)*)\.el7\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:1160\.144\.1)\.el7\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[4-9]))?\.(?:x86_64|i686))$) x86_64 0:3.10.0-1160.144.1.el7.tuxcare.els4 (^5\.4\.17\-((?:(?:\d{5,}|[3-9]\d{3}|2[2-9]\d{2}|21[4-9]\d|213[7-9])(?:\.\d+)*|2136\.(?:\d{4,}|[4-9]\d{2}|3[6-9]\d|35[5-9])(?:\.\d+)*|2136\.354\.(?:\d{2,}|[5-9])(?:\.\d+)*|2136\.354\.4\.\d+(?:\.\d+)*)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els\d*)?\.(?:x86_64|i686)|(?:2136\.354\.4)\.el7uek\.tuxcare(?:\.\d+)?(?:\.els(?:\d{2,}|[1-9]))?\.(?:x86_64|i686))$) x86_64 0:5.4.17-2136.354.4.el7uek.tuxcare.els1 x86_64 0:2.27-44.base.0.3.el7_9.1.tuxcare.els3 i686|x86_64 0:2.27-44.base.0.3.el7_9.1.tuxcare.els3 x86_64 0:1.5.18-9.el7_9.1.tuxcare.els1 i686|x86_64 0:4.0.3-35.el7.tuxcare.els8 x86_64 0:4.0.3-35.el7.tuxcare.els8 i686|x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els11 x86_64 0:6.9.10.68-7.0.3.el7_9.tuxcare.els11 i686|x86_64 0:1.10.0-3.el7_9.1.tuxcare.els2 i686|x86_64 0:2.1.0-15.0.7.el7_9.tuxcare.els1