Google Git
Sign in
cos / mirrors / github.com / nluedtke / linux_kernel_cves / 0b24fc746bf3580fc1f6b1f0aad6b9dc2c4680bf / . / data / 6.2 / 6.2_security.txt
blob: 2ee066fe4013a719bd41c97662225d4965458e8a [file] [log] [blame]
CVEs fixed in 6.2:
CVE-2022-27672: be8de49bea505e7777a69ef63d60e02ac1712683 x86/speculation: Identify processors vulnerable to SMT RSB predictions
CVE-2023-1281: ee059170b1f7e94e55fa6cadee544e176a6e59c2 net/sched: tcindex: update imperfect hash filters respecting rcu
CVE-2023-1513: 2c10b61421a28e95a46ab489fd56c0f442ff6952 kvm: initialize all of the kvm_debugregs structure before sending it to userspace
CVE-2023-26545: fda6c89fe3d9aca073495a664e1d5aea28cd4377 net: mpls: fix stale pointer if allocation fails during device rename
CVE-2023-33951: a950b989ea29ab3b38ea7f6e3d2540700a3c54e8 drm/vmwgfx: Do not drop the reference to the handle too soon
CVE-2023-33952: a950b989ea29ab3b38ea7f6e3d2540700a3c54e8 drm/vmwgfx: Do not drop the reference to the handle too soon
CVEs fixed in 6.2.1:
CVE-2023-0459: 2c8ee21d78942cf48bc836612ad365fd6f06cfbb uaccess: Add speculation barrier to copy_from_user()
CVEs fixed in 6.2.3:
CVE-2023-1032: cb6aedc1fd9d808d7319db2f953f4886dd46c627 net: avoid double iput when sock_alloc_file fails
CVE-2023-1076: 4aa4b4b3b3e9551c4de2bf2987247c28805fb8f6 tun: tun_chr_open(): correctly initialize socket uid
CVE-2023-1077: 1099004ae1664703ec573fc4c61ffb24144bcb63 sched/rt: pick_next_rt_entity(): check list_entry
CVE-2023-1079: b08bcfb4c97d7bd41b362cff44b2c537ce9e8540 HID: asus: use spinlock to safely schedule workers
CVE-2023-1118: 182ea492aae5b64067277e60a4ea5995c4628555 media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
CVE-2023-1998: ead3c8e54d28fa1d5454b1f8a21b96b4a969b1cb x86/speculation: Allow enabling STIBP with legacy IBRS
CVE-2023-25012: 90289e71514e9533a9c44d694e2b492be9ed2b77 HID: bigben: use spinlock to safely schedule workers
CVE-2023-2985: f348b373cebeaa91bf3552099026951189f14436 fs: hfsplus: fix UAF issue in hfsplus_put_super
CVE-2023-3220: c745fd463ccf21943cfc35cb8842a33dda2ae259 drm/msm/dpu: Add check for pstates
CVE-2023-3355: abadeef9a82f86e6668759259adbcf8be6f44a9b drm/msm/gem: Add check for kmalloc
CVE-2023-39191: 720d2504791a93becde81c335abcea2f42d066a7 bpf: Fix state pruning for STACK_DYNPTR stack slots
CVE-2023-45863: e6ca1549afb2b495e61a8fb53ae942193ef823e0 kobject: Fix slab-out-of-bounds in fill_kobj_path()
CVEs fixed in 6.2.5:
CVE-2023-1829: 372ae77cf11d11fb118cbe2d37def9dd5f826abd net/sched: Retire tcindex classifier
CVE-2023-45862: 5ee39d2216dc98a894ffc38d15e1ef2d41e2266b USB: ene_usb6250: Allocate enough memory for full object
CVE-2023-7192: 033ac6ea4b513f9a4a20882f431f68cea307ba87 netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()
CVEs fixed in 6.2.7:
CVE-2023-28466: 5231fa057bb0e52095591b303cf95ebd17bc62ce net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVEs fixed in 6.2.8:
CVE-2023-1855: eacd1f6bb43ac4b9de3bf886083a71c18d5f329f hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition
CVE-2023-1990: f589e5b56c562d99ea74e05b1c3f0eab78aa17a3 nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
CVE-2023-2235: 2c6d1b32838d8cf0114dfdbbb93f4d808e498760 perf: Fix check before add_event_to_groups() in perf_group_detach()
CVE-2023-30456: 71d05b9fa0bfc131a6e2250dea045a818ff25550 KVM: nVMX: add missing consistency checks for CR0 and CR4
CVEs fixed in 6.2.9:
CVE-2022-4269: 8c9e553c58a491ad328c622441e08178373442dc act_mirred: use the backlog for nested calls to mirred ingress
CVE-2023-1583: 2ff9f7319b915acc42cf8fcf743589f926f4a014 io_uring/rsrc: fix null-ptr-deref in io_file_bitmap_get()
CVE-2023-1670: 9c515f3290456bb6850bd7ee29d5bf6652d7f103 xirc2ps_cs: Fix use after free bug in xirc2ps_detach
CVE-2023-1989: c59c65a14e8f7d738429648833f3bb3f9df0513f Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work
CVE-2023-2194: cc3c3ee6d035d38f116a6dec88acf7f74598aebd i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE-2023-2483: 514dc3d0f176d280dc2d3cd25e898a7ec329e878 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-28866: 8497222b22b591c6b2d106e0e3c1672ffe4e10e0 Bluetooth: HCI: Fix global-out-of-bounds
CVE-2023-30772: a7d686b36aa8021ee96128290ac3b58c4c1f6297 power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
CVE-2023-33203: 514dc3d0f176d280dc2d3cd25e898a7ec329e878 net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE-2023-33288: 2da4b860f3055ae40a809c020398778e6c27b856 power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
CVEs fixed in 6.2.10:
CVE-2023-1611: 4caab245b0469ce9258ba099a41e909f5d307b33 btrfs: fix race between quota disable and quota assign ioctls
CVEs fixed in 6.2.12:
CVE-2023-1859: e7dcd834af53c79418ca3cd1c42749a314b9f7dc 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
CVE-2023-38409: 62055fa6fbf8f1f1457f5d6a7d17ce1a45972613 fbcon: set_con2fb_map needs to set con2fb_map!
CVEs fixed in 6.2.13:
CVE-2023-2156: 191642f5cfb38c0e44fb4783a37530bae15b8f8e net: rpl: fix rpl header size calculation
CVE-2023-2163: 71035a0508c04827b91a5bfeb2c9ef374f321e65 bpf: Fix incorrect verifier pruning due to missing register precision taints
CVE-2023-2248: 420d014b19ff119e210ecc075ff611fe7844690c net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-31436: 420d014b19ff119e210ecc075ff611fe7844690c net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
CVE-2023-4133: 7977bb80817b552d97bcc8a1ddf2b3029ca5b6a8 cxgb4: fix use after free bugs caused by circular dependency problem
CVEs fixed in 6.2.14:
CVE-2023-1380: 228186629ea970cc78b7d7d5f593f2d32fddf9f6 wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
CVE-2023-2002: 727b3ea80f3fdda6c686806ce3579face0415c76 bluetooth: Perform careful capability checks in hci_sock_ioctl()
CVEs fixed in 6.2.15:
CVE-2023-0160: d0e34aaea13391e28069c50de5519300d408e985 bpf, sockmap: fix deadlocks in the sockhash and sockmap
CVE-2023-2269: 243093d536fe3cc78b450f1beb8d584505ea3193 dm ioctl: fix nested locking in table_clear() to remove deadlock concern
CVE-2023-32233: 6b0801dcc1aa4373d28ac8ee396788d2e715c495 netfilter: nf_tables: deactivate anonymous set from preparation phase
CVE-2023-32248: b35f6c031b87d9e51f141ff6de0ea59756a8e313 ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
CVE-2023-32254: dc1c17716c099c90948ebb83e2170dd75a3be6b6 ksmbd: fix racy issue under cocurrent smb2 tree disconnect
CVE-2023-3268: c86ec32b864d5247602c71986e0494d12f6c4d70 relayfs: fix out-of-bounds access in relay_file_read
CVE-2023-3312: 0dac12ab5780e293b8dc24e513f5c2bf9f93c524 cpufreq: qcom-cpufreq-hw: fix double IO unmap and resource release on exit
CVE-2023-3317: f1d2977584eb315a88956e457de7c800cb010478 wifi: mt76: mt7921: Fix use-after-free in fw features query.
CVE-2023-35823: efccd54c41887e66a03bf7af860ff5eb77c47fcf media: saa7134: fix use after free bug in saa7134_finidev due to race condition
CVE-2023-35824: ad998076d42b394ca22e41e91c59a6056be6098d media: dm1105: Fix use after free bug in dm1105_remove due to race condition
CVE-2023-35826: a858e35c62966761cc2bed2e4123cf68d7df546c media: cedrus: fix use after free bug in cedrus_remove due to race condition
CVE-2023-35828: 1029639643c326396ce8e07a9f52ce7165c021c3 usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
CVE-2023-35829: 26f55569eeb045db9fceda0a5523521c2e76d8aa media: rkvdec: fix use after free bug in rkvdec_remove
CVEs fixed in 6.2.16:
CVE-2023-32247: 750a2d772e9d9ff377fd32e3b6797bf2cd847a7a ksmbd: destroy expired sessions
CVE-2023-32250: d270631c21e68fb8016d6e231d022d7023a2df6f ksmbd: fix racy issue from session setup and logoff
CVE-2023-32252: d270631c21e68fb8016d6e231d022d7023a2df6f ksmbd: fix racy issue from session setup and logoff
CVE-2023-32257: d270631c21e68fb8016d6e231d022d7023a2df6f ksmbd: fix racy issue from session setup and logoff
CVE-2023-32258: de428966b40c8b8abe35592ded2e9f4d366ffc38 ksmbd: fix racy issue from smb2 close and logoff with multichannel
CVE-2023-34256: c06f5f1ecab83772b1e06ea5dcfe5ebb5927a43f ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
Outstanding CVEs:
CVE-2005-3660: (unk)
CVE-2007-3719: (unk)
CVE-2008-2544: (unk)
CVE-2008-4609: (unk)
CVE-2010-4563: (unk)
CVE-2010-5321: (unk)
CVE-2011-4916: (unk)
CVE-2011-4917: (unk)
CVE-2012-4542: (unk)
CVE-2013-7445: (unk)
CVE-2015-2877: (unk)
CVE-2016-8660: (unk)
CVE-2017-13693: (unk)
CVE-2017-13694: (unk)
CVE-2018-1121: (unk)
CVE-2018-12928: (unk)
CVE-2018-12929: (unk)
CVE-2018-12930: (unk)
CVE-2018-12931: (unk)
CVE-2018-17977: (unk)
CVE-2019-12456: (unk)
CVE-2019-15239: (unk) unknown
CVE-2019-15290: (unk)
CVE-2019-15902: (unk) unknown
CVE-2019-16089: (unk)
CVE-2019-19378: (unk)
CVE-2019-19814: (unk)
CVE-2019-20794: (unk)
CVE-2020-0347: (unk)
CVE-2020-10708: (unk)
CVE-2020-11725: (unk)
CVE-2020-14304: (unk)
CVE-2020-15802: (unk)
CVE-2020-24502: (unk)
CVE-2020-24503: (unk)
CVE-2020-25220: (unk)
CVE-2020-26140: (unk)
CVE-2020-26142: (unk)
CVE-2020-26143: (unk)
CVE-2020-26556: (unk)
CVE-2020-26557: (unk)
CVE-2020-26559: (unk)
CVE-2020-26560: (unk)
CVE-2020-35501: (unk)
CVE-2021-0399: (unk)
CVE-2021-26934: (unk)
CVE-2021-3542: (unk)
CVE-2021-3714: (unk)
CVE-2021-3847: (unk)
CVE-2021-3864: (unk)
CVE-2021-3892: (unk)
CVE-2021-39800: (unk)
CVE-2021-39801: (unk)
CVE-2022-0400: (unk)
CVE-2022-1116: (unk)
CVE-2022-1247: (unk)
CVE-2022-2209: (unk)
CVE-2022-23825: (unk)
CVE-2022-25265: (unk)
CVE-2022-26878: (unk)
CVE-2022-2961: (unk)
CVE-2022-3238: (unk)
CVE-2022-3533: (unk)
CVE-2022-3544: (unk)
CVE-2022-3606: (unk)
CVE-2022-36402: (unk)
CVE-2022-3642: (unk)
CVE-2022-38096: (unk)
CVE-2022-40982: (unk) x86/speculation: Add Gather Data Sampling mitigation
CVE-2022-41848: (unk)
CVE-2022-44032: (unk) char: pcmcia: remove all the drivers
CVE-2022-44033: (unk) char: pcmcia: remove all the drivers
CVE-2022-44034: (unk) char: pcmcia: remove all the drivers
CVE-2022-4543: (unk)
CVE-2022-45884: (unk)
CVE-2022-45885: (unk)
CVE-2022-45886: (unk) media: dvb-core: Fix use-after-free due on race condition at dvb_net
CVE-2022-45887: (unk) media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb()
CVE-2022-45919: (unk) media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221
CVE-2022-48425: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1192: (unk) fs/ntfs3: Validate MFT flags before replaying logs
CVE-2023-1193: (unk) ksmbd: delete asynchronous work from list
CVE-2023-1194: (unk) ksmbd: fix out-of-bound read in parse_lease_state()
CVE-2023-1206: (unk) tcp: Reduce chance of collisions in inet6_hashfn().
CVE-2023-1476: (unk)
CVE-2023-20569: (unk) x86/bugs: Increase the x86 bugs vector size to two u32s
CVE-2023-20588: (unk) x86/CPU/AMD: Do not leak quotient data after a division by 0
CVE-2023-20593: (unk) x86/cpu/amd: Add a Zenbleed fix
CVE-2023-20941: (unk)
CVE-2023-2124: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-21255: (unk) binder: fix UAF caused by faulty buffer cleanup
CVE-2023-21264: (unk) KVM: arm64: Prevent unconditional donation of unmapped regions from the host
CVE-2023-21400: (unk)
CVE-2023-2176: (unk) RDMA/core: Refactor rdma_bind_addr
CVE-2023-23039: (unk)
CVE-2023-25775: (unk) RDMA/irdma: Prevent zero-length STAG registration
CVE-2023-26242: (unk)
CVE-2023-2640: (unk)
CVE-2023-2898: (unk) f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
CVE-2023-3090: (unk) ipvlan:Fix out-of-bounds caused by unclear skb->cb
CVE-2023-31081: (unk)
CVE-2023-31082: (unk)
CVE-2023-31083: (unk) Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO
CVE-2023-31084: (unk) media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*()
CVE-2023-31085: (unk) ubi: Refuse attaching if mtd's erasesize is 0
CVE-2023-3117: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-31248: (unk) netfilter: nf_tables: do not ignore genmask when looking up chain by id
CVE-2023-3141: (unk) memstick: r592: Fix UAF bug in r592_remove due to race condition
CVE-2023-3212: (unk) gfs2: Don't deref jdesc in evict
CVE-2023-32629: (unk)
CVE-2023-3269: (unk) mm: introduce new 'lock_mm_and_find_vma()' page fault helper
CVE-2023-33250: (unk) iommufd: Call iopt_area_contig_done() under the lock
CVE-2023-3390: (unk) netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
CVE-2023-3397: (unk)
CVE-2023-34255: (unk) xfs: verify buffer contents when we skip log replay
CVE-2023-34319: (unk) xen/netback: Fix buffer overrun triggered by unusual packet
CVE-2023-34324: (unk) xen/events: replace evtchn_rwlock with RCU
CVE-2023-35001: (unk) netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
CVE-2023-35788: (unk) net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
CVE-2023-35827: (unk) ravb: Fix use-after-free issue in ravb_tx_timeout_work()
CVE-2023-3609: (unk) net/sched: cls_u32: Fix reference counter leak leading to overflow
CVE-2023-3610: (unk) netfilter: nf_tables: fix chain binding transaction logic
CVE-2023-3611: (unk) net/sched: sch_qfq: account for stab overhead in qfq_enqueue
CVE-2023-3640: (unk)
CVE-2023-37454: (unk)
CVE-2023-3772: (unk) xfrm: add NULL check in xfrm_update_ae_params
CVE-2023-3773: (unk) xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH
CVE-2023-3776: (unk) net/sched: cls_fw: Fix improper refcount update leads to use-after-free
CVE-2023-3777: (unk) netfilter: nf_tables: skip bound chain on rule flush
CVE-2023-38426: (unk) ksmbd: fix global-out-of-bounds in smb2_find_context_vals
CVE-2023-38427: (unk) ksmbd: fix out-of-bound read in deassemble_neg_contexts()
CVE-2023-38428: (unk) ksmbd: fix wrong UserName check in session_user
CVE-2023-38429: (unk) ksmbd: allocate one more byte for implied bcc[0]
CVE-2023-38430: (unk) ksmbd: validate smb request protocol id
CVE-2023-38431: (unk) ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop
CVE-2023-38432: (unk) ksmbd: validate command payload size
CVE-2023-3863: (unk) net: nfc: Fix use-after-free caused by nfc_llcp_find_local
CVE-2023-3865: (unk) ksmbd: fix out-of-bound read in smb2_write
CVE-2023-3866: (unk) ksmbd: validate session id and tree id in the compound request
CVE-2023-3867: (unk) ksmbd: add missing compound request handing in some commands
CVE-2023-39189: (unk) netfilter: nfnetlink_osf: avoid OOB read
CVE-2023-39192: (unk) netfilter: xt_u32: validate user space input
CVE-2023-39193: (unk) netfilter: xt_sctp: validate the flag_info count
CVE-2023-39194: (unk) net: xfrm: Fix xfrm_address_filter OOB read
CVE-2023-39197: (unk) netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
CVE-2023-39198: (unk) drm/qxl: fix UAF on handle creation
CVE-2023-4004: (unk) netfilter: nft_set_pipapo: fix improper element removal
CVE-2023-4010: (unk)
CVE-2023-4015: (unk) netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
CVE-2023-40283: (unk) Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
CVE-2023-4128: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4132: (unk) media: usb: siano: Fix warning due to null work_func_t function pointer
CVE-2023-4134: (unk) Input: cyttsp4_core - change del_timer_sync() to timer_shutdown_sync()
CVE-2023-4147: (unk) netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID
CVE-2023-4155: (unk) KVM: SEV: only access GHCB fields once
CVE-2023-4206: (unk) net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4207: (unk) net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4208: (unk) net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
CVE-2023-4244: (unk) netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path
CVE-2023-4273: (unk) exfat: check if filename entries exceeds max filename length
CVE-2023-42752: (unk) igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU
CVE-2023-42753: (unk) netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
CVE-2023-42754: (unk) ipv4: fix null-deref in ipv4_link_failure
CVE-2023-42755: (unk) net/sched: Retire rsvp classifier
CVE-2023-44466: (unk) libceph: harden msgr2.1 frame segment length checks
CVE-2023-4563: (unk) netfilter: nf_tables: don't skip expired elements during walk
CVE-2023-4569: (unk) netfilter: nf_tables: deactivate catchall elements in next generation
CVE-2023-45871: (unk) igb: set max size RX buffer when store bad packet is enabled
CVE-2023-4622: (unk) unix: Convert unix_stream_sendpage() to use MSG_SPLICE_PAGES
CVE-2023-4623: (unk) net/sched: sch_hfsc: Ensure inner classes have fsc curve
CVE-2023-46813: (unk) x86/sev: Check for user-space IOIO pointing to kernel space
CVE-2023-46862: (unk) io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid
CVE-2023-47233: (unk)
CVE-2023-4881: (unk) netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVE-2023-4921: (unk) net: sched: sch_qfq: Fix UAF in qfq_dequeue()
CVE-2023-50431: (unk)
CVE-2023-5090: (unk) x86: KVM: SVM: always update the x2avic msr interception
CVE-2023-5158: (unk) vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
CVE-2023-51779: (unk) Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg
CVE-2023-51780: (unk) atm: Fix Use-After-Free in do_vcc_ioctl
CVE-2023-51781: (unk) appletalk: Fix Use-After-Free in atalk_ioctl
CVE-2023-51782: (unk) net/rose: Fix Use-After-Free in rose_ioctl
CVE-2023-5197: (unk) netfilter: nf_tables: disallow rule removal from chain binding
CVE-2023-5345: (unk) fs/smb/client: Reset password pointer to NULL
CVE-2023-5633: (unk) drm/vmwgfx: Keep a gem reference to user bos in surfaces
CVE-2023-5717: (unk) perf: Disallow mis-matched inherited group reads
CVE-2023-5972: (unk) nf_tables: fix NULL pointer dereference in nft_expr_inner_parse()
CVE-2023-6039: (unk) net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs
CVE-2023-6121: (unk) nvmet: nul-terminate the NQNs passed in the connect command
CVE-2023-6176: (unk) net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict()
CVE-2023-6238: (unk)
CVE-2023-6270: (unk)
CVE-2023-6356: (unk)
CVE-2023-6531: (unk) io_uring/af_unix: disable sending io_uring over sockets
CVE-2023-6535: (unk)
CVE-2023-6536: (unk)
CVE-2023-6546: (unk) tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
CVE-2023-6560: (unk) io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP
CVE-2023-6606: (unk) smb: client: fix OOB in smbCalcSize()
CVE-2023-6610: (unk) smb: client: fix potential OOB in smb2_dump_detail()
CVE-2023-6622: (unk) netfilter: nf_tables: bail out on mismatching dynset and set expressions
CVE-2023-6817: (unk) netfilter: nft_set_pipapo: skip inactive elements during set walk
CVE-2023-6931: (unk) perf: Fix perf_event_validate_size()
CVE-2023-6932: (unk) ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
CVE-2023-7042: (unk)
CVE-2024-0340: (unk) vhost: use kzalloc() instead of kmalloc() followed by memset()
CVE-2024-0443: (unk) blk-cgroup: Flush stats before releasing blkcg_gq