Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":1,"type":"x","order":1,"pct":20,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":1,"type":"x","order":2,"pct":20,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":3,"type":"x","order":3,"pct":60,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
217

Oracle Linux 9 Kernel Important Bug Fix Advisory ELSA-2026-36018

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-36018 http://linux.oracle.com/errata/ELSA-2026-36018.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-abi-stablelists-5.14.0-687.22.1.el9_8.noarch.rpm kernel-core-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-cross-headers-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-debug-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-debug-core-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-debug-devel-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-debug-devel-matched-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-debug-modules-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-debug-modules-core-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-debug-modules-extra-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-debug-uki-virt-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-devel-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-devel-matched-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-doc-5.14.0-687.22.1.el9_8.noarch.rpm kernel-headers-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-modules-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-modules-core-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-modules-extra-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-tools-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-tools-libs-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-tools-libs-devel-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-uki-virt-5.14.0-687.22.1.el9_8.x86_64.rpm kernel-uki-virt-addons-5.14.0-687.22.1.el9_8.x86_64.rpm libperf-5.14.0-687.22.1.el9_8.x86_64.rpm perf-5.14.0-687.22.1.el9_8.x86_64.rpm python3-perf-5.14.0-687.22.1.el9_8.x86_64.rpm rtla-5.14.0-687.22.1.el9_8.x86_64.rpm rv-5.14.0-687.22.1.el9_8.x86_64.rpm aarch64: kernel-cross-headers-5.14.0-687.22.1.el9_8.aarch64.rpm kernel-headers-5.14.0-687.22.1.el9_8.aarch64.rpm kernel-tools-5.14.0-687.22.1.el9_8.aarch64.rpm kernel-tools-libs-5.14.0-687.22.1.el9_8.aarch64.rpm kernel-tools-libs-devel-5.14.0-687.22.1.el9_8.aarch64.rpm libperf-5.14.0-687.22.1.el9_8.aarch64.rpm perf-5.14.0-687.22.1.el9_8.aarch64.rpm python3-perf-5.14.0-687.22.1.el9_8.aarch64.rpm rtla-5.14.0-687.22.1.el9_8.aarch64.rpm rv-5.14.0-687.22.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-5.14.0-687.22.1.el9_8.src.rpm RelatedCVEs: CVE-2025-10263 CVE-2026-43112 CVE-2026-43276 CVE-2026-46116 CVE-2026-46155 CVE-2026-46209 CVE-2026-46227 CVE-2026-46244 CVE-2026-46259 CVE-2026-46316 CVE-2026-46323 Description of changes: [5.14.0-687.22.1] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux 9 Node.js Important Bug Fix Advisory ELSA-2026-35892

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-35892 http://linux.oracle.com/errata/ELSA-2026-35892.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-devel-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-docs-22.23.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-full-i18n-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-libs-22.23.1-1.module+el9.8.0+90947+d3e8e647.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-bundler-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm npm-10.9.8-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.x86_64.rpm aarch64: nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-devel-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-docs-22.23.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-full-i18n-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-libs-22.23.1-1.module+el9.8.0+90947+d3e8e647.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm nodejs-packaging-bundler-2021.06-6.module+el9.8.0+90947+d3e8e647.noarch.rpm npm-10.9.8-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.23.1.1.module+el9.8.0+90947+d3e8e647.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/nodejs-22.23.1-1.module+el9.8.0+90947+d3e8e647.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/nodejs-nodemon-3.0.1-1.module+el9.8.0+90947+d3e8e647.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/nodejs-packaging-2021.06-6.module+el9.8.0+90947+d3e8e647.src.rpm RelatedCVEs: CVE-2026-6733 CVE-2026-9678 CVE-2026-11525 CVE-2026-12151 CVE-2026-42338 CVE-2026-48615 CVE-2026-48618 CVE-2026-48619 CVE-2026-48928 CVE-2026-48930 CVE-2026-48933 CVE-2026-48934 CVE-2026-48935 Description of changes: nodejs [1:22.23.1-1] - Update to version 22.23.1 Resolves: RHEL-186622 RHEL-185998 RHEL-183669 Fixes: CVE-2026-12151 CVE-2026-48618 CVE-2026-48933 CVE-2026-48937 CVE-2026-48930 CVE-2026-48619 CVE-2026-48615 CVE-2026-48934 CVE-2026-48928 CVE-2026-48617 CVE-2026-48931 CVE-2026-48935 CVE-2026-42338 nodejs-nodemon [3.0.1-1] - Rebase to 3.0.1 - Resolves: CVE-2022-25883 [2.0.20-2] - Patch bundled glob-parent - Resolves: CVE-2021-35065 [2.0.20-1] - Rebase to 2.0.20 Resolves: CVE-2022-3517 [2.0.15-1] - Resolves: RHBZ#2005419 - Resolves CVE-2020-28469 - Rebase to newest version - Change source to npmjs.com nodejs-packaging [2021.06-6] - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-120511 [2021.06-5] - nodejs.req to properly detect bundled deps _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated packages for Oracle Linux 9 enhance Node.js security and functionality addressing several crucial CVEs.. Oracle Linux, Node.js update, security patches, important advisories. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux 9 PostgreSQL Important Update Advisory ELSA-2026-26204

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-26204 http://linux.oracle.com/errata/ELSA-2026-26204.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: pgaudit-18.0-1.module+el9.8.0+90922+3defa420.x86_64.rpm pg_repack-1.5.3-1.module+el9.8.0+90922+3defa420.x86_64.rpm pgvector-0.8.1-1.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-client-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-docs-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-upgrade-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-utils-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgres-decoderbufs-3.3.1-1.Final.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-contrib-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-docs-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-plperl-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-plpython3-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-pltcl-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-private-devel-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-private-libs-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-server-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-server-devel-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-static-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-test-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-test-rpm-macros-18.4-2.module+el9.8.0+90922+3defa420.noarch.rpm postgresql-upgrade-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-upgrade-devel-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm aarch64: pgaudit-18.0-1.module+el9.8.0+90922+3defa420.aarch64.rpm pg_repack-1.5.3-1.module+el9.8.0+90922+3defa420.aarch64.rpm pgvector-0.8.1-1.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-client-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-docs-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-upgrade-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-utils-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgres-decoderbufs-3.3.1-1.Final.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-contrib-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-docs-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-plperl-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-plpython3-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-pltcl-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-private-devel-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-private-libs-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-server-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-server-devel-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-static-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-test-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-test-rpm-macros-18.4-2.module+el9.8.0+90922+3defa420.noarch.rpm postgresql-upgrade-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-upgrade-devel-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/pgaudit-18.0-1.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/pg_repack-1.5.3-1.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/pgvector-0.8.1-1.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/postgis-3.6.1-2.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/postgres-decoderbufs-3.3.1-1.Final.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/postgresql-18.4-2.module+el9.8.0+90922+3defa420.src.rpm Related CVEs: CVE-2026-6473 CVE-2026-6475 CVE-2026-6477 CVE-2026-6478 Description of changes: pgaudit [18.0-1] - Update to 18.0 - Initial import for postgresql18 pg_repack [1.5.3-1] - Update to 1.5.3 - Initial import for postgresql18 [1.5.1-1] - Update to v1.5.1 [1.4.8-2] - Add newbuild dependencies to fix build with lz4 enabled - Related: RHEL-47604 pgvector [0.8.1-1] - Update to 0.8.1 - Initial import for postgresql18 [0.6.2-2] - Enable Portable build - Resolves: RHEL-84405 [0.6.2-1] - Initial packaging postgis [3.6.1-1] - Update to 3.6.1 - Initial import for postgresql18 - Avoid perl(Pg) dependency on RHEL [3.5.3-3] - Rebuild (gdal) [3.5.3-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild [3.5.3-1] - Update to 3.5.3 [3.5.2-2] - Rebuild (SFCGAL) [3.5.2-1] - Update to 3.5.2 [3.5.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild [3.5.1-1] - Update to 3.5.1 [3.5.0-3] - Rebuild (GDAL) [3.5.0-2] - Rebuild (gdal) postgres-decoderbufs [3.3.1-1.Final] - Update to 3.3.1.Final - Initial import for postgresql18 postgresql [18.4-1] - Update to 18.4 - Fix CVE-2026-6478 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Explore the important security advisory for Oracle Linux 9 regarding PostgreSQL updates and associated vulnerabilities.. Oracle Linux, PostgreSQL Update, Security Advisory, Important Vulnerability, PostGIS. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux 9 Kernel Important Issues Update ELSA-2026-50387

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50387 http://linux.oracle.com/errata/ELSA-2026-50387.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: aarch64: bpftool-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-container-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-container-debug-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-core-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-debug-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-debug-core-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-devel-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-doc-5.15.0-322.203.3.3.el9uek.noarch.rpm kernel-uek-modules-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek64k-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek64k-core-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek64k-devel-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek64k-modules-5.15.0-322.203.3.3.el9uek.aarch64.rpm kernel-uek64k-modules-extra-5.15.0-322.203.3.3.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-5.15.0-322.203.3.3.el9uek.src.rpm Related CVEs: CVE-2026-43499 Description of changes: [5.15.0-322.203.3.3] - locking/rtmutex: Skip remove_waiter() when waiter is not enqueued (Davidlohr Bueso) [Orabug: 39706512] - rtmutex: Use waiter::task instead of current in remove_waiter() (Keenan Dong) [Orabug: 39706512] {CVE-2026-43499} [5.15.0-322.203.3.2] - KVM: x86/mmu: Ensure hugepage is in by slot before checking max mapping level (Sean Christopherson) [Orabug: 39673886] - KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [Orabug: 39673886] - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Sean Christopherson) [Orabug: 39673886] - KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [Orabug: 39673886] - KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes (Paolo Bonzini) [Orabug: 39673886] - KVM: x86/mmu: Derive shadow MMU page role from parent (Paolo Bonzini) [Orabug: 39673886] - KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (David Matlack) [Orabug: 39673886] - KVM: x86/mmu: Use a bool for direct (David Matlack) [Orabug: 39673886] - net/sched: act_pedit: free pedit keys on bail from offset check (Pedro Tammela) [Orabug: 39668793] - net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta) [Orabug: 39668793] {CVE-2026-46331} - net/sched: act_pedit: rate limit datapath messages (Pedro Tammela) [Orabug: 39668793] - net/sched: act_pedit: check static offsets a priori (Pedro Tammela) [Orabug: 39668793] [5.15.0-322.203.3.1] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39648952] {CVE-2026-52943} [5.15.0-322.203.3] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39548689] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39548689] - ARM: uek: Disable CONFIG_NVIDIA_CARMEL_CNP_ERRATUM (Boris Ostrovsky) [Orabug: 39548689] - arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39548689] - arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39548689] - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39548689] - net/rds: Make "rds_send_xmit" fairer (Gerd Rausch) [Orabug: 39532945] - net/rds: Schedule rds_send_worker if there's more work to do (Gerd Rausch) [Orabug: 39532945] - Revert "rds: Change return code from rds_send_xmit() when lock is taken" (Gerd Rausch) [Orabug: 39532945] - Revert "Reapply "rds: ib: Make sure receives are posted before connection isup"" (Gerd Rausch) [Orabug: 39532945] - Revert "rds: ib: Make sure a QP in INIT state is transitioned to ERR" (Gerd Rausch) [Orabug: 39532945] - net: tap: NULL pointer derefence in dev_parse_header_protocol when skb-> dev is null (Cezar Bulinaru) [Orabug: 39526881] {CVE-2022-50073} - mmc: dwcmshc_bf3_hw_reset: Log eMMC reset calls (Satyansh Shukla) [Orabug: 39333650] - arm64: dts: pensando: drop elba penfw firmware node (Tom Saeger) [Orabug: 39522954] - batman-adv: hold claim backbone gateways by reference (Haoze Xie) [Orabug: 39262374] {CVE-2026-31657} - rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39179363] [5.15.0-322.203.2] - LTS version: v5.15.203 (Vijayendra Suman) - io_uring/poll: correctly handle io_poll_add() return value on update (Jens Axboe) - ksmbd: Fix dangling pointer in krb_authenticate (Sean Heelan) - ksmbd: Fix refcount leak when invalid session is found on session lookup (Namjae Jeon) - Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (Luiz Augusto von Dentz) - i2c: cp2615: fix serial string NULL-deref at probe (Johan Hovold) - i2c: cp2615: replace deprecated strncpy with strscpy (Justin Stitt) - ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len() (Namjae Jeon) - ksmbd: fix potencial OOB in get_file_all_info() for compound requests (Namjae Jeon) - tracing: Fix potential deadlock in cpu hotplug with osnoise (Luo Haiyang) - x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling() (Nikunj A Dadhania) - mm/huge_memory: fix folio isn't locked in softleaf_to_folio() (Jinjiang Tu) - scsi: target: tcm_loop: Drain commands in target_reset handler (Josef Bacik) - net: macb: Move devm_{free,request}_irq() out of spin lock area (Kevin Hao) - dmaengine: sh: rz-dmac: Protect the driver specific lists (Claudiu Beznea) - dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (Claudiu Beznea) - xfs: save ailp before dropping the AIL lock in push callbacks (Yuto Ohnuki) - ext4: fix use-after-free inupdate_super_work when racing with umount (Jiayuan Chen) - ext4: fix the might_sleep() warnings in kvfree() (Zqiang) - ext4: publish jinode after initialization (Li Chen) - usb: gadget: uvc: fix NULL pointer dereference during unbind race (Jimmy Hu) - usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop (Kuen-Han Tsai) - usb: gadget: f_hid: move list and spinlock inits from bind to alloc (Michael Zimmermann) - net: rfkill: prevent unlimited numbers of rfkill events from being created (Greg Kroah-Hartman) - seg6: separate dst_cache for input and output paths in seg6 lwtunnel (Andrea Mayer) - Revert "mptcp: add needs_id for netlink appending addr" (Matthieu Baerts (NGI0)) - xen/privcmd: unregister xenstore notifier on module exit (GuoHan Zhao) - netlink: add nla be16/32 types to minlen array (Florian Westphal) - rxrpc: Fix key/keyring checks in setsockopt(RXRPC_SECURITY_KEY/KEYRING) (David Howells) - rxrpc: fix reference count leak in rxrpc_server_keyring() (Luxiao Xu) - net: stmmac: fix integer underflow in chain mode (Tyllis Xu) - net: qualcomm: qca_uart: report the consumed byte on RX skb allocation failure (Pengpeng Hou) - mmc: vub300: fix NULL-deref on disconnect (Johan Hovold) - drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat (Sebastian Brzezinka) - net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() (David Carlier) - net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (Muhammad Alifa Ramdhan) - batman-adv: reject oversized global TT response buffers (Ruide Cao) - nfc: pn533: allocate rx skb before consuming bytes (Pengpeng Hou) - arm64: dts: hisilicon: hi3798cv200: Add missing dma-ranges (Shawn Guo) - arm64: dts: hisilicon: poplar: Correct PCIe reset GPIO polarity (Shawn Guo) - wifi: brcmsmac: Fix dma_free_coherent() size (Thomas Fourier) - tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG (Oleh Konko) - netfilter: nft_ct: fix use-after-free in timeout object destroy (Tuan Do) - apparmor: fix race between freeing data and fsaccessing it (John Johansen) - apparmor: fix race on rawdata dereference (John Johansen) - apparmor: fix differential encoding verification (John Johansen) - apparmor: fix unprivileged local user can do privileged policy management (John Johansen) - apparmor: Fix double free of ns_name in aa_replace_profiles() (John Johansen) - apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (Massimiliano Pellizzer) - apparmor: fix side-effect bug in match_char() macro usage (Massimiliano Pellizzer) - apparmor: fix: limit the number of levels of policy namespaces (John Johansen) - apparmor: replace recursive profile removal with iterative approach (Massimiliano Pellizzer) - apparmor: fix memory leak in verify_header (Massimiliano Pellizzer) - apparmor: validate DFA start states are in bounds in unpack_pdb (Massimiliano Pellizzer) - iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (Nuno Sa) - gpiolib: cdev: fix uninitialised kfifo (Kent Gibson) - media: uvcvideo: Use heuristic to find stream entity (Ricardo Ribalda) - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (Thadeu Lima de Souza Cascardo) - Input: uinput - take event lock when submitting FF request "event" (Dmitry Torokhov) - Input: uinput - fix circular locking dependency with ff-core (Mikhail Gavrilov) - mptcp: fix slab-use-after-free in __inet_lookup_established (Jiayuan Chen) - xfrm_user: fix info leak in build_report() (Greg Kroah-Hartman) - wifi: rt2x00usb: fix devres lifetime (Johan Hovold) - lib/crypto: chacha: Zeroize permuted_state before it leaves scope (Eric Biggers) - wifi: virt_wifi: remove SET_NETDEV_DEV to avoid use-after-free (Alexander Popov) - io_uring/tctx: work around xa_store() allocation error issue (Jens Axboe) - usb: gadget: f_uac1_legacy: validate control request size (Taegu Ha) - usb: gadget: f_rndis: Protect RNDIS options with mutex (Kuen-Han Tsai) - usb: gadget: f_subset: Fix unbalanced refcnt in geth_free (Kuen-Han Tsai) - staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser(Navaneeth K) - smb: client: Fix refcount leak for cifs_sb_tlink (Shuhao Fu) - net: mctp: Don't access ifa_index when missing (Matt Johnston) - fbcon: Set fb_display[i]-> mode to NULL when the mode is released (Quanmin Yan) - can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (Marc Kleine-Budde) - can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (Marc Kleine-Budde) - can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak (Marc Kleine-Budde) - usb: gadget: dummy_hcd: fix premature URB completion when ZLP follows partial transfer (Sebastian Urban) - USB: dummy-hcd: Fix interrupt synchronization error (Alan Stern) - USB: dummy-hcd: Fix locking/synchronization error (Alan Stern) - thunderbolt: Fix property read in nhi_wake_supported() (Konrad Dybcio) - net: ftgmac100: fix ring allocation unwind on open failure (Yufan Chen) - vxlan: validate ND option lengths in vxlan_na_create (Yang Yang) - netfilter: ipset: drop logically empty buckets in mtype_del (Yifan Wu) - comedi: me4000: Fix potential overrun of firmware buffer (Ian Abbott) - comedi: me_daq: Fix potential overrun of firmware buffer (Ian Abbott) - comedi: ni_atmio16d: Fix invalid clean-up after failed attach (Ian Abbott) - comedi: Reinit dev-> spinlock between attachments to low-level drivers (Ian Abbott) - comedi: dt2815: add hardware detection to prevent crash (Deepanshu Kartikey) - cdc-acm: new quirk for EPSON HMD (Oliver Neukum) - bridge: br_nd_send: validate ND option lengths (Yang Yang) - phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (Claudiu Beznea) - phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (Claudiu Beznea) - phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (Claudiu Beznea) - phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (Claudiu Beznea) - usb: cdns3: gadget: fix state inconsistency on gadget init failure (Yongchao Wu) - usb: cdns3: gadget: fix NULL pointer dereference in ep_queue (Yongchao Wu) - usb: dwc2: gadget: Fixspin_lock/unlock mismatch in dwc2_hsotg_udc_stop() (Juno Choi) - usb: ehci-brcm: fix sleep during atomic (Justin Chen) - usb: usbtmc: Flush anchored URBs in usbtmc_release (Heitor Alves de Siqueira) - usb: ulpi: fix double free in ulpi_register_interface() error path (Guangshuo Li) - usb: quirks: add DELAY_INIT quirk for another Silicon Motion flash drive (Miao Li) - iio: gyro: mpu3050: Fix out-of-sequence free_irq() (Ethan Tidmore) - iio: gyro: mpu3050: Move iio_device_register() to correct location (Ethan Tidmore) - iio: gyro: mpu3050: Fix irq resource leak (Ethan Tidmore) - iio: gyro: mpu3050: Fix incorrect free_irq() variable (Ethan Tidmore) - iio: imu: st_lsm6dsx: Set FIFO ODR for accelerometer and gyroscope only (Francesco Lavra) - iio: light: vcnl4035: fix scan buffer on big-endian (David Lechner) - iio: dac: ad5770r: fix error return in ad5770r_read_raw() (Antoniu Miclaus) - Input: xpad - add support for Razer Wolverine V3 Pro (Zoltan Illes) - Input: i8042 - add TUXEDO InfinityBook Max 16 Gen10 AMD to i8042 quirk table (Christoffer Sandberg) - Input: synaptics-rmi4 - fix a locking bug in an error path (Bart Van Assche) - USB: core: add NO_LPM quirk for Razer Kiyo Pro webcam (JP Hein) - USB: serial: option: add support for Rolling Wireless RW135R-GL (Wanquan Zhong) - USB: serial: io_edgeport: add support for Blackbox IC135A (Frej Drejhammar) - drm/ast: dp501: Fix initialization of SCU2C (Thomas Zimmermann) - hwmon: (occ) Fix division by zero in occ_show_power_1() (Sanman Pradhan) - MIPS: Fix the GCC version check for __multi3' workaround (Maciej W. Rozycki) - Bluetooth: SMP: force responder MITM requirements before building the pairing response (Oleh Konko) - Bluetooth: SMP: derive legacy responder STK authentication from MITM state (Oleh Konko) - ALSA: ctxfi: Fix missing SPDIFI1 index handling (Takashi Iwai) - ALSA: caiaq: fix stack out-of-bounds read in init_card (Berk Cem Goksel) - USB: serial: option: add MeiG Smart SRM825WN (Ernestas Kulik) - wifi: wilc1000: fix u8 overflow in SSID scan buffer sizecalculation (Yasuaki Torimaru) - drm/ioc32: stop speculation on the drm_compat_ioctl path (Greg Kroah-Hartman) - riscv: kgdb: fix several debug register assignment bugs (Paul Walmsley) - hwmon: (occ) Fix missing newline in occ_show_extended() (Sanman Pradhan) - hwmon: (tps53679) Fix device ID comparison and printing in tps53676_identify() (Sanman Pradhan) - hwmon: (pxe1610) Check return value of page-select write in probe (Sanman Pradhan) - bpf: reject direct access to nullable PTR_TO_BUF pointers (Qi Tang) - ipv6: avoid overflows in ip6_datagram_send_ctl() (Eric Dumazet) - net/sched: cls_flow: fix NULL pointer dereference on shared blocks (Xiang Mei) - net/sched: cls_fw: fix NULL pointer dereference on shared blocks (Xiang Mei) - net/x25: Fix overflow when accumulating packets (Martin Schiller) - net/x25: Fix potential double free of skb (Martin Schiller) - net/mlx5: Avoid "No data available" when FW version queries fail (Saeed Mahameed) - net: macb: properly unregister fixed rate clocks (Fedor Pchelkin) - net: macb: fix clk handling on PCI glue driver removal (Fedor Pchelkin) - Bluetooth: MGMT: validate LTK enc_size on load (Keenan Dong) - netfilter: nf_tables: reject immediate NF_QUEUE verdict (Pablo Neira Ayuso) - netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP (Pablo Neira Ayuso) - netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent (Qi Tang) - netfilter: nf_conntrack_helper: pass helper to expect cleanup (Qi Tang) - netfilter: ipset: use nla_strcmp for IPSET_ATTR_NAME attr (Florian Westphal) - netfilter: x_tables: ensure names are nul-terminated (Florian Westphal) - netfilter: nfnetlink_log: account for netlink header size (Florian Westphal) - netfilter: flowtable: strictly check for maximum number of actions (Pablo Neira Ayuso) - net: ipv6: flowlabel: defer exclusive option free until RCU teardown (Zhengchuan Liang) - bpf: Fix regsafe() for pointers to packet (Alexei Starovoitov) - net: xilinx: axienet: Correct BD length masks to match AXIDMA IPspec (Suraj Gupta) - NFC: pn533: bound the UART receive buffer (Pengpeng Hou) - net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak (Yochai Eisenrich) - ipv6: prevent possible UaF in addrconf_permanent_addr() (Paolo Abeni) - net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() (Xiang Mei) - bridge: br_nd_send: linearize skb before parsing ND options (Yang Yang) - ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (Eric Dumazet) - ipv6: icmp: clear skb2-> cb[] in ip6_err_gen_icmpv6_unreach() (Eric Dumazet) - tg3: Fix race for querying speed/duplex (Thomas Bogendoerfer) - net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak (Yochai Eisenrich) - net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak (Jiayuan Chen) - crypto: af-alg - fix NULL pointer dereference in scatterwalk (Norbert Szetei) - dt-bindings: auxdisplay: ht16k33: Use unevaluatedProperties to fix common property warning (Frank Li) - btrfs: reject root items with drop_progress and zero drop_level (ZhengYuan Huang) - HID: multitouch: Check to ensure report responses match the request (Lee Jones) - objtool: Fix Clang jump table detection (Josh Poimboeuf) - btrfs: don't take device_list_mutex when querying zone info (Johannes Thumshirn) - atm: lec: fix use-after-free in sock_def_readable() (Deepanshu Kartikey) - HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (Benoît Sevens) - futex: Clear stale exiting pointer in futex_lock_pi() retry path (Davidlohr Bueso) - dmaengine: xilinx_dma: Fix reset related timeout with two-channel AXIDMA (Tomi Valkeinen) - dmaengine: xilinx_dma: Program interrupt delay timeout (Radhey Shyam Pandey) - dmaengine: idxd: Fix freeing the allocated ida too late (Vinicius Costa Gomes) - btrfs: fix lost error when running device stats on multiple devices fs (Filipe Manana) - btrfs: fix super block offset in error message in btrfs_validate_super() (Mark Harmstone) - dmaengine: xilinx: xilinx_dma: Fix unmaskedresidue subtraction (Marek Vasut) - dmaengine: xilinx: xilinx_dma: Fix residue calculation for cyclic DMA (Marek Vasut) - dmaengine: xilinx: xilinx_dma: Fix dma_device directions (Marek Vasut) - phy: ti: j721e-wiz: Fix device node reference leak in wiz_get_lane_phy_types() (Felix Gu) - ext4: always drain queued discard work in ext4_mb_release() (Theodore Ts'o) - ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths (Baokun Li) - ext4: reject mount if bigalloc with s_first_data_block != 0 (Helen Koike) - ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() (Ye Bin) - ext4: make recently_deleted() properly work with lazy itable initialization (Jan Kara) - ext4: convert inline data to extents when truncate exceeds inline size (Deepanshu Kartikey) - xfs: stop reclaim before pushing AIL during unmount (Yuto Ohnuki) - jbd2: gracefully abort on checkpointing state corruptions (Milos Nikic) - scsi: ses: Handle positive SCSI error from ses_recv_diag() (Greg Kroah-Hartman) - scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (Tyllis Xu) - alarmtimer: Fix argument order in alarm_timer_forward() (Zhan Xusheng) - erofs: add GFP_NOIO in the bio completion if needed (Jiucheng Xu) - virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false (xietangxin) - media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (Yuchan Nam) - cpufreq: conservative: Reset requested_freq on limits change (Viresh Kumar) - can: gw: fix OOB heap access in cgw_csum_crc8_rel() (Ali Norouzi) - s390/barrier: Make array_index_mask_nospec() __always_inline (Vasily Gorbik) - s390/syscalls: Add spectre boundary for syscall dispatch table (Greg Kroah-Hartman) - spi: spi-fsl-lpspi: fix teardown order issue (UAF) (Marc Kleine-Budde) - ASoC: adau1372: Fix clock leak on PLL lock failure (Jihed Chaibi) - ASoC: adau1372: Fix unchecked clk_prepare_enable() return value (Jihed Chaibi) - sysctl: fix uninitialized variable in proc_do_large_bitmap (Marc Buerg) - hwmon: (adm1177) fix sysfsABI violation and current unit conversion (Sanman Pradhan) - ACPI: EC: Fix ECDT probe ordering issues (Hans de Goede) - ACPI: EC: Fix EC address space handler unregistration (Hans de Goede) - ACPICA: Allow address_space_handler Install and _REG execution as 2 separate steps (Hans de Goede) - ACPICA: include/acpi/acpixf.h: Fix indentation (Hans de Goede) - ASoC: Intel: catpt: Fix the device initialization (Cezary Rojewski) - drm/i915/gmbus: fix spurious timeout on 512-byte burst reads (Samasth Norway Ananda) - x86/efi: efi_unmap_boot_services: fix calculation of ranges_to_free size (Mike Rapoport (Microsoft)) - scsi: scsi_transport_sas: Fix the maximum channel scanning issue (Yihang Li) - RDMA/irdma: Return EINVAL for invalid arp index error (Tatyana Nikolova) - RDMA/irdma: Fix deadlock during netdev reset with active connections (Anil Samal) - RDMA/irdma: Remove reset check from irdma_modify_qp_to_err() (Tatyana Nikolova) - RDMA/irdma: Clean up unnecessary dereference of event-> cm_node (Ivan Barrera) - RDMA/irdma: Remove a NOP wait_event() in irdma_modify_qp_roce() (Tatyana Nikolova) - RDMA/irdma: Update ibqp state to error if QP is already in error state (Tatyana Nikolova) - RDMA/rw: Fall back to direct SGE on MR pool exhaustion (Chuck Lever) - regmap: Synchronize cache for the page selector (Andy Shevchenko) - net: macb: use the current queue number for stats (Paolo Valerio) - netfilter: ctnetlink: use netlink policy range checks (David Carlier) - netlink: allow be16 and be32 types in all uint policy checks (Florian Westphal) - netlink: introduce bigendian integer types (Florian Westphal) - netfilter: nft_payload: reject out-of-range attributes via policy (Florian Westphal) - netlink: introduce NLA_POLICY_MAX_BE (Florian Westphal) - netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp (Weiming Shi) - netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (Ren Wei) - netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD (Weiming Shi) - Bluetooth: btusb: clampSCO altsetting table indices (Pengpeng Hou) - Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (Hyunwoo Kim) - dma-mapping: add missing inline for dma_free_attrs (Miguel Ojeda) - net: enetc: fix the output issue of 'ethtool --show-ring' (Wei Fang) - net: fix fanout UAF in packet_release() via NETDEV_UP race (Yochai Eisenrich) - platform/olpc: olpc-xo175-ec: Fix overflow error message to print inlen (Alok Tiwari) - rtnetlink: count IFLA_INFO_SLAVE_KIND in if_nlmsg_size (Sabrina Dubroca) - net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer (Qi Tang) - openvswitch: validate MPLS set/set_masked payload length (Yang Yang) - nfc: nci: fix circular locking dependency in nci_close_device (Jakub Kicinski) - ionic: fix persistent MAC address override on PF (Mohammad Heib) - pinctrl: mediatek: common: Fix probe failure for devices without EINT (Luca Leonardo Scorcia) - Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb (Helen Koike) - Bluetooth: hci_ll: Fix firmware leak on error path (Anas Iqbal) - Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (Hyunwoo Kim) - Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (Hyunwoo Kim) - can: statistics: add missing atomic access in hot path (Oliver Hartkopp) - af_key: validate families in pfkey_send_migrate() (Eric Dumazet) - esp: fix skb leak with espintcp and async crypto (Sabrina Dubroca) - xfrm: Fix the usage of skb-> sk (Steffen Klassert) - xfrm: call xdo_dev_state_delete during state update (Sabrina Dubroca) - ALSA: hda/realtek: Add headset jack quirk for Thinkpad X390 (Uzair Mughal) - dma-buf: Include ioctl.h in UAPI header (Isaac J. Manjarres) - ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() (Mark Brown) - ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() (Mark Brown) - module: Fix kernel panic when a symbol st_shndx is out of bounds (Ihor Solodrai) - HID: mcp2221: cancel last I2C command on read error(Romain Sioen) - net: usb: r8152: add TRENDnet TUC-ET2G (Valentin Spreckels) - HID: magicmouse: avoid memory leak in magicmouse_report_fixup() (Günther Noack) - HID: magicmouse: fix battery reporting for Apple Magic Trackpad 2 (Julius Lehmann) - nvme-pci: ensure we're polling a polled queue (Keith Busch) - platform/x86: touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10 (Hans de Goede) - platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1 (Leif Skunberg) - nvme-pci: cap queue creation to used queues (Keith Busch) - platform/x86: intel-hid: Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list (Peter Metz) - HID: asus: avoid memory leak in asus_report_fixup() (Günther Noack) - bpf: Release module BTF IDR before module unload (Kumar Kartikeya Dwivedi) - sh: platform_early: remove pdev-> driver_override check (Danilo Krummrich) - xen/privcmd: add boot control for restricted usage in domU (Juergen Gross) - xen/privcmd: restrict usage in unprivileged domU (Juergen Gross) - netfilter: nft_set_pipapo: split gc into unlink and reclaim phase (Florian Westphal) - netfilter: nf_tables: de-constify set commit ops function argument (Florian Westphal) - tools/bootconfig: fix fd leak in load_xbc_file() on fstat failure (Josh Law) - lib/bootconfig: check xbc_init_node() return in override path (Josh Law) - drm/i915/gt: Check set_default_submission() before deferencing (Rahul Bukte) - ksmbd: fix use-after-free of share_conf in compound request (Hyunwoo Kim) - mtd: rawnand: brcmnand: skip DMA during panic write (Kamal Dasu) - mtd: rawnand: serialize lock/unlock against other NAND operations (Kamal Dasu) - i2c: fsi: Fix a potential leak in fsi_i2c_probe() (Christophe JAILLET) - hwmon: (pmbus/isl68137) Fix unchecked return value and use sysfs_emit() (Sanman Pradhan) - icmp: fix NULL pointer dereference in icmp_tag_validation() (Weiming Shi) - net: dsa: bcm_sf2: fix missing clk_disable_unprepare() in error paths (Anas Iqbal) - net: mvpp2: guard flow control update with global_tx_fc in bufferswitching (Muhammad Hammad Ijaz) - nfnetlink_osf: validate individual option lengths in fingerprints (Weiming Shi) - net: bonding: fix NULL deref in bond_debug_rlb_hash_show (Xiang Mei) - udp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n (Xiang Mei) - net: macb: fix uninitialized rx_fs_lock (Fedor Pchelkin) - wifi: mac80211: fix NULL deref in mesh_matches_local() (Xiang Mei) - igc: fix missing update of skb-> tail in igc_xmit_frame() (Kohei Enju) - net: usb: aqc111: Do not perform PM inside suspend callback (Nikola Z. Ivanov) - net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() (Jiayuan Chen) - net/smc: Fix slab-out-of-bounds issue in fallback (Wen Gu) - net/smc: Only save the original clcsock callback functions (Wen Gu) - PM: runtime: Fix a race condition related to device removal (Bart Van Assche) - sched: idle: Consolidate the handling of two special cases (Rafael J. Wysocki) - net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (Dipayaan Roy) - net: bcmgenet: increase WoL poll timeout (Justin Chen) - netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (Jenny Guanni Qu) - netfilter: xt_time: use unsigned int for monthday bit shift (Jenny Guanni Qu) - netfilter: xt_CT: drop pending enqueued packets on template removal (Pablo Neira Ayuso) - netfilter: nft_ct: drop pending enqueued packets on removal (Pablo Neira Ayuso) - netfilter: nft_ct: add seqadj extension for natted connections (Andrii Melnychenko) - netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case (Jenny Guanni Qu) - netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() (Lukas Johannes Möller) - netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() (Hyunwoo Kim) - netfilter: ctnetlink: remove refcounting in expectation dumpers (Florian Westphal) - net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect (Jiayuan Chen) - Bluetooth: qca: fix ROM version reading on WCN3998 chips (DmitryBaryshkov) - Bluetooth: HIDP: Fix possible UAF (Luiz Augusto von Dentz) - Bluetooth: SMP: make SM/PER/KDU/BI-04-C happy (Christian Eggers) - Bluetooth: LE L2CAP: Disconnect if sum of payload sizes exceed SDU (Christian Eggers) - Bluetooth: LE L2CAP: Disconnect if received packet's SDU exceeds IMTU (Christian Eggers) - firmware: arm_scpi: Fix device_node reference leak in probe path (Felix Gu) - of: Add cleanup.h based auto release via __free(device_node) markings (Jonathan Cameron) - wifi: mac80211: Fix static_branch_dec() underflow for aql_disable. (Kuniyuki Iwashima) - soc: fsl: qbman: fix race condition in qman_destroy_fq (Richard Genoud) - btrfs: tree-checker: fix misleading root drop_level error message (ZhengYuan Huang) - batman-adv: avoid OGM aggregation when skb tailroom is insufficient (Yang Yang) - pmdomain: bcm: bcm2835-power: Increase ASB control timeout (Maíra Canal) - mptcp: pm: avoid sending RM_ADDR over same subflow (Matthieu Baerts (NGI0)) - drm/amd/display: Use GFP_ATOMIC in dc_create_stream_for_sink (Natalie Vock) - net: phy: register phy led_triggers during probe to avoid AB-BA deadlock (Andrew Lunn) - smb: client: Don't log plaintext credentials in cifs_set_cifscreds (Thorsten Blum) - RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (Jason Gunthorpe) - wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() (Daniil Dulov) - wifi: cfg80211: move scan done work to wiphy work (Johannes Berg) - wifi: libertas: fix use-after-free in lbs_free_adapter() (Daniel Hodges) - ext4: always allocate blocks only from groups inode can use (Jan Kara) - ksmbd: fix null pointer dereference error in generate_encryptionkey (Namjae Jeon) - ext4: fix dirtyclusters double decrement on fs shutdown (Brian Foster) - ext4: drop extent cache when splitting extent fails (Zhang Yi) - ext4: don't set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O (Zhang Yi) - ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths (Fedor Pchelkin) - drm/exynos: vidi: use ctx-> lock to protectstruct vidi_context member variables related to memory alloc/free (Jeongjun Park) - drm/exynos: vidi: fix to avoid directly dereferencing user pointer (Jeongjun Park) - drm/exynos: vidi: use priv-> vidi_dev for ctx lookup in vidi_connection_ioctl() (Jeongjun Park) - net: Handle napi_schedule() calls from non-interrupt (Frederic Weisbecker) - net: stmmac: dwmac-loongson: Set clk_csr_i to 100-150MHz (Huacai Chen) - drm/radeon: apply state adjust rules to some additional HAINAN vairants (Alex Deucher) - serial: uartlite: fix PM runtime usage count underflow on probe (Maciej Andrzejewski ICEYE) - serial: 8250: Add late synchronize_irq() to shutdown to handle DW UART BUSY (Ilpo Järvinen) - serial: 8250: Fix TX deadlock when using DMA (Raul E Rangel) - serial: 8250_pci: add support for the AX99100 (Martin Roukala (né Peres)) - iommu/vt-d: Fix intel iommu iotlb sync hardlockup and retry (Guanghui Feng) - mtd: Avoid boot crash in RedBoot partition table parser (Finn Thain) - mtd: rawnand: cadence: Fix error check for dma_alloc_coherent() in cadence_nand_init() (Chen Ni) - mtd: rawnand: pl353: make sure optimal timings are applied (Olivier Sobrie) - mmc: sdhci: fix timing selection for 1-bit bus width (Luke Wang) - mmc: sdhci-pci-gli: fix GL9750 DMA write corruption (Matthew Schwartz) - Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access (Lukas Johannes Möller) - Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp() (Lukas Johannes Möller) - net: macb: fix use-after-free access to PTP clock (Fedor Pchelkin) - NFC: nxp-nci: allow GPIOs to sleep (Ian Ray) - nvdimm/bus: Fix potential use after free in asynchronous initialization (Ira Weiny) - sunrpc: fix cache_request leak in cache_release (Jeff Layton) - driver: iio: add missing checks on iio_info's callback access (Julien Stephan) - io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (Jens Axboe) - l2tp: do not use sock_hold() in pppol2tp_session_get_sock() (Eric Dumazet) - bpf: Forget ranges when refining tnum after JSET (PaulChaignon) - i3c: mipi-i3c-hci: Add missing TID field to no-op command descriptor (Adrian Hunter) - i3c: mipi-i3c-hci: Restart DMA ring correctly after dequeue abort (Adrian Hunter) - i3c: mipi-i3c-hci: Use ETIMEDOUT instead of ETIME for timeout errors (Adrian Hunter) - iio: imu: inv_icm42600: fix odr switch to the same value (Jean-Baptiste Maneyrol) - iio: gyro: mpu3050-i2c: fix pm_runtime error handling (Antoniu Miclaus) - iio: gyro: mpu3050-core: fix pm_runtime error handling (Antoniu Miclaus) - iio: chemical: bme680: Fix measurement wait duration calculation (Chris Spencer) - iio: potentiometer: mcp4131: fix double application of wiper shift (Lukas Schmid) - iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() (Antoniu Miclaus) - iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas() (Antoniu Miclaus) - iio: dac: ds4424: reject -128 RAW value (Oleksij Rempel) - btrfs: abort transaction on failure to update root in the received subvol ioctl (Filipe Manana) - lib/bootconfig: check bounds before writing in __xbc_open_brace() (Josh Law) - lib/bootconfig: fix snprintf truncation check in xbc_node_compose_key_after() (Josh Law) - x86/apic: Disable x2apic on resume if the kernel expects so (Shashank Balaji) - lib/bootconfig: fix off-by-one in xbc_verify_tree() unclosed brace error (Josh Law) - xfs: fix undersized l_iclog_roundoff values (Darrick J. Wong) - tracing: Fix trace_buf_size= cmdline parameter with sizes > = 2G (Calvin Owens) - drm/amdgpu: Fix use-after-free race in VM acquire (Alysa Liu) - net: ethernet: arc: emac: quiesce interrupts before requesting IRQ (Fan Wu) - net: ncsi: fix skb leak in error paths (Jian Zhang) - parisc: Fix initial page table creation for boot (Helge Deller) - hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read (Sanman Pradhan) - nouveau/dpcd: return EBUSY for aux xfer if the device is asleep (Dave Airlie) - parisc: Increase initial mapping to 64 MB with KALLSYMS (Helge Deller) - batman-adv: Avoid double-rtnl_lock ELP metric worker (SvenEckelmann) - ice: fix retry for AQ command 0x06EE (Jakub Staniszewski) - net: mana: Ring doorbell at 4 CQ wraparounds (Long Li) - media: dvb-net: fix OOB access in ULE extension header tables (Ariel Silver) - staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() (Greg Kroah-Hartman) - staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie (Luka Gejak) - irqchip/gic-v3-its: Limit number of per-device MSIs to the range the ITS supports (Marc Zyngier) - device property: Allow secondary lookup in fwnode_get_next_child_node() (Andy Shevchenko) - time/jiffies: Mark jiffies_64_to_clock_t() notrace (Steven Rostedt) - time: add kernel-doc in time.c (Randy Dunlap) - ceph: fix i_nlink underrun during async unlink (Max Kellermann) - libceph: admit message frames only in CEPH_CON_S_OPEN state (Ilya Dryomov) - libceph: Use u32 for non-negative values in ceph_monmap_decode() (Raphael Zimmer) - libceph: prevent potential out-of-bounds reads in process_message_header() (Ilya Dryomov) - libceph: reject preamble if control segment is empty (Ilya Dryomov) - libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() (Raphael Zimmer) - tipc: fix divide-by-zero in tipc_sk_filter_connect() (Mehul Rao) - mmc: core: Avoid bitfield RMW for claim/retune flags (Penghe Geng) - mmc: mmci: Fix device_node reference leak in of_get_dml_pipe_index() (Felix Gu) - mm/tracing: rss_stat: ensure curr is false from kthread context (Kalesh Singh) - usb: image: mdc800: kill download URB on timeout (Ziyi Guo) - usb: mdc800: handle signal and read racing (Oliver Neukum) - usb: renesas_usbhs: fix use-after-free in ISR during device removal (Fan Wu) - usb: class: cdc-wdm: fix reordering issue in read code path (Oliver Neukum) - USB: core: Limit the length of unkillable synchronous timeouts (Alan Stern) - USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts (Alan Stern) - USB: usbcore: Introduce usb_bulk_msg_killable() (Alan Stern) - usb: cdc-acm: Restore CAP_BRK functionnality to CH343 (MarcZyngier) - usb: core: don't power off roothub PHYs if phy_set_mode() fails (Gabor Juhos) - usb: misc: uss720: properly clean up reference in uss720_probe() (Greg Kroah-Hartman) - usb: yurex: fix race in probe (Oliver Neukum) - usb: xhci: Fix memory leak in xhci_disable_slot() (Zilin Guan) - usb/core/quirks: Add Huawei ME906S-device to wakeup quirk (Christoffer Sandberg) - net: usb: lan78xx: skip LTM configuration for LAN7850 (Oleksij Rempel) - net: usb: lan78xx: fix silent drop of packets with checksum errors (Oleksij Rempel) - cgroup: fix race between task migration and iteration (Qingye Zhao) - octeontx2-af: devlink: fix NIX RAS reporter recovery condition (Alok Tiwari) - ASoC: detect empty DMI strings (Casey Connolly) - ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition (Chen Ni) - ACPI: OSL: fix __iomem type on return from acpi_os_map_generic_address() (Ben Dooks) - e1000/e1000e: Fix leak in DMA error cleanup (Matt Vollrath) - i40e: fix src IP mask checks and memcpy argument names in cloud filter (Alok Tiwari) - nvme-pci: Fix slab-out-of-bounds in nvme_dbbuf_set (Sungwoo Kim) - regulator: pca9450: Correct interrupt type (Peng Fan) - regulator: pca9450: Make IRQ optional (Frieder Schrempf) - netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (Yuan Tan) - netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table() (Hyunwoo Kim) - netfilter: nfnetlink_queue: fix entry leak in bridge verdict error path (Hyunwoo Kim) - netfilter: x_tables: guard option walkers against 1-byte tail reads (David Dull) - netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop() (Jenny Guanni Qu) - can: hi311x: hi3110_open(): add check for hi3110_power_enable() return value (Wenyuan Li) - serial: caif: hold tty-> link reference in ldisc_open and ser_release (Shuangpeng Bai) - ASoC: soc-core: flush delayed work before removing DAIs and widgets (matteo.cotifava) - ASoC: core: Do not call link_exit() on uninitialized rtd objects (Amadeusz Sławiński) - ASoC: core:Exit all links before removing their components (Cezary Rojewski) - ASoC: soc-core: accept zero format at snd_soc_runtime_set_dai_fmt() (Kuninori Morimoto) - ASoC: soc-core: drop delayed_work_pending() check before flush (matteo.cotifava) - net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (Weiming Shi) - net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery (Gal Pressman) - bonding: handle BOND_LINK_FAIL, BOND_LINK_BACK as valid link states (Hangbin Liu) - xprtrdma: Decrement re_receiving on the early exit paths (Eric Badger) - powerpc: 83xx: km83xx: Fix keymile vendor prefix (J. Neuschäfer) - remoteproc: sysmon: Correct subsys_name_len type in QMI request (Bjorn Andersson) - powerpc/uaccess: Fix inline assembly for clang build on PPC32 (Christophe Leroy (CS GROUP)) - ALSA: usb-audio: Check max frame size for implicit feedback mode, too (Takashi Iwai) - ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0 (Takashi Iwai) - scsi: ses: Fix devices attaching to different hosts (Tomas Henzl) - ACPI: OSI: Add DMI quirk for Acer Aspire One D255 (Sofia Schneider) - unshare: fix unshare_fs() handling (Al Viro) - scsi: mpi3mr: Add NULL checks when resetting request and reply queues (Ranjan Kumar) - ACPI: PM: Save NVS memory on Lenovo G70-35 (Piotr Mazek) - scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT (Jan Kiszka) - net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (Victor Nogueira) - net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop (Jiayuan Chen) - net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (Fernando Fernandez Mancera) - net: stmmac: Fix error handling in VLAN add and delete paths (Ovidiu Panait) - nfc: rawsock: cancel tx_work before socket teardown (Jakub Kicinski) - nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback (Jakub Kicinski) - nfc: nci: free skb on nci_transceive early error paths (Jakub Kicinski) - net: nfc: nci: Fix zero-length proprietary notifications (IanRay) - net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs (Koichiro Den) - amd-xgbe: fix sleep while atomic on suspend/resume (Raju Rangoju) - ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (Jakub Kicinski) - xen/acpi-processor: fix _CST detection using undersized evaluation buffer (David Thomson) - indirect_call_wrapper: do not reevaluate function pointer (Eric Dumazet) - wifi: wlcore: Fix a locking bug (Bart Van Assche) - can: mcp251x: fix deadlock in error path of mcp251x_open (Alban Bedel) - can: bcm: fix locking for bcm_op runtime updates (Oliver Hartkopp) - atm: lec: fix null-ptr-deref in lec_arp_clear_vccs (Jiayuan Chen) - dpaa2-switch: do not clear any interrupts automatically (Ioana Ciornei) - net: dpaa2-switch: serialize changes to priv-> mac with a mutex (Vladimir Oltean) - net: dpaa2-switch replace direct MAC access with dpaa2_switch_port_has_mac() (Vladimir Oltean) - net: dpaa2-switch: assign port_priv-> mac after dpaa2_mac_connect() call (Vladimir Oltean) - net: dpaa2: replace dpaa2_mac_is_type_fixed() with dpaa2_mac_is_type_phy() (Vladimir Oltean) - net: ethernet: ti: am65-cpsw-nuss/cpsw-ale: Fix multicast entry handling in ALE table (Chintan Vankar) - platform/x86: thinkpad_acpi: Fix errors reading battery thresholds (Jonathan Teh) - selftests: mptcp: more stable simult_flows tests (Paolo Abeni) - drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock() (Lars Ellenberg) - Squashfs: check metadata block offset is within range (Phillip Lougher) - net/sched: ets: fix divide by zero in the offload path (Davide Caratti) - IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() (Jason Gunthorpe) - wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() (Vahagn Vardanian) - wifi: radiotap: reject radiotap with unknown bits (Johannes Berg) - ALSA: usb-audio: Use correct version for UAC3 header validation (Jun Seo) - platform/x86: dell-wmi: Add audio/mic mute key codes (Kurt Borja) - platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data(Thorsten Blum) - x86/efi: defer freeing of boot services memory (Mike Rapoport (Microsoft)) - HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them (Greg Kroah-Hartman) - can: usb: etas_es58x: correctly anchor the urb in the read bulk callback (Greg Kroah-Hartman) - can: ucan: Fix infinite loop from zero-length messages (Greg Kroah-Hartman) - can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message (Greg Kroah-Hartman) - net: usb: pegasus: validate USB endpoints (Greg Kroah-Hartman) - net: usb: kalmia: validate USB endpoints (Greg Kroah-Hartman) - net: usb: kaweth: validate USB endpoints (Greg Kroah-Hartman) - nfc: pn533: properly drop the usb interface reference on disconnect (Greg Kroah-Hartman) - media: dvb-core: fix wrong reinitialization of ringbuffer on reopen (Jens Axboe) - eventpoll: Fix integer overflow in ep_loop_check_proc() (Jann Horn) - net: arcnet: com20020-pci: fix support for 2.5Mbit cards (Ethan Nelson-Moore) - ALSA: hda/conexant: Fix headphone jack handling on Acer Swift SF314 (Takashi Iwai) - fbcon: check return value of con2fb_acquire_newinfo() (Andrey Vatoropin) - fbcon: move more common code into fb_open() (Daniel Vetter) - fbcon: Extract fbcon_open/release helpers (Daniel Vetter) - fbcon: Use delayed work for cursor (Daniel Vetter) - ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths (Namjae Jeon) - ALSA: hda/conexant: Add quirk for HP ZBook Studio G4 (Takashi Iwai) - usb: cdns3: fix role switching during resume (Thomas Richard (TI)) - usb: cdns3: call cdns_power_is_lost() only once in cdns_resume() (Théo Lebrun) - usb: cdns3: remove redundant if branch (Hongyu Xie) - clk: tegra: tegra124-emc: fix device leak on set_rate() (Johan Hovold) - mfd: omap-usb-host: Fix OF populate on driver rebind (Johan Hovold) - mfd: omap-usb-host: Convert to platform remove callback returning void (Uwe Kleine-König) - mfd: qcom-pm8xxx: Fix OF populate on driver rebind (Johan Hovold) - mfd: qcom-pm8xxx: Convert to platform remove callbackreturning void (Uwe Kleine-König) - mfd: qcom-pm8xxx: switch away from using chained IRQ handlers (Dmitry Baryshkov) - drm/tegra: dsi: fix device leak on probe (Johan Hovold) - ata: libata-scsi: refactor ata_scsi_translate() (Damien Le Moal) - ata: libata: remove pointless VPRINTK() calls (Hannes Reinecke) - ata: libata-scsi: drop DPRINTK calls for cdb translation (Hannes Reinecke) - scsi: ata: Call scsi_done() directly (Bart Van Assche) - ARM: omap2: Fix reference count leaks in omap_control_init() (Wentao Liang) - ARM: OMAP2+: add missing of_node_put before break and return (Wang Qing) - memory: mtk-smi: fix device leak on larb probe (Johan Hovold) - memory: mtk-smi: Convert to platform remove callback returning void (Uwe Kleine-König) - bpf: Fix stack-out-of-bounds write in devmap (Kohei Enju) - btrfs: fix incorrect key offset in error message in check_dev_extent_item() (Mark Harmstone) - ALSA: usb-audio: Use inclusive terms (Takashi Iwai) - ALSA: usb-audio: Cap the packet size pre-calculations (Takashi Iwai) - scsi: ufs: core: Move link recovery for hibern8 exit failure to wl_resume (Peter Wang) - scsi: ufs: core: Always initialize the UIC done completion (Bart Van Assche) - scsi: lpfc: Properly set WC for DPP mapping (Mathias Krause) - ARM: clean up the memset64() C wrapper (Thomas Weißschuh) [5.15.0-322.202.1] - scsi: fcoe: Reject FIP descriptors with zero fip_dlen in CVL walker (Michael Bommarito) [Orabug: 39446044] - scsi: scsi_transport_fc: Widen FPIN pname walker counter to u32 (Michael Bommarito) [Orabug: 39446044] - scsi: target: iscsi: Fix CRC overread and double-free in iscsit_handle_text_cmd() (Michael Bommarito) [Orabug: 39446044] - scsi: target: iscsi: Bound iscsi_encode_text_output() appends to rsp_buf (Michael Bommarito) [Orabug: 39446044] - ima: process_measurement() needlessly takes inode_lock() on MAY_READ (Frederick Lawler) [Orabug: 39390378] - net: sched: act_api: implement generic walker and search for tc action (Zhengchao Shao) [Orabug: 39342047] - btrfs: reserve extra spacefor the free space tree (Josef Bacik) [Orabug: 39281379] - btrfs: include the free space tree in the global rsv minimum calculation (Josef Bacik) [Orabug: 39281379] [5.15.0-321.202.5] - Revert "ip6_tunnel: Fix usage of skb_vlan_inet_prepare()" (Harshit Mogalapalli) [Orabug: 39476647] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463672] [5.15.0-321.202.4] - tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429143] - tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429143] - tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429143] [5.15.0-321.202.3] - net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368827] {CVE-2026-46300} - net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368827] - ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384274] {CVE-2026-46333} - mm/hugetlb: fix excessive IPI broadcasts when unsharing PMD tables using mmu_gather (David Hildenbrand (Red Hat)) [Orabug: 38474901] - Revert "mm/hugetlb: add option to allows disabling CVE-2025-38085 mitigation" (Samasth Norway Ananda) [Orabug: 38474901] - mm/rmap: fix two comments related to huge_pmd_unshare() (David Hildenbrand (Red Hat)) [Orabug: 38474901] - mm/hugetlb: fix two comments related to huge_pmd_unshare() (David Hildenbrand (Red Hat)) [Orabug: 38474901] - mm/hugetlb: fix hugetlb_pmd_shared() (David Hildenbrand (Red Hat)) [Orabug: 38474901] [5.15.0-321.202.2] - dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler (Guenter Roeck) - Revert "arm64: dts: qcom: sdm845-oneplus: Mark l14a regulator as boot-on" (Sasha Levin) - ip6_tunnel: Fix usage of skb_vlan_inet_prepare() (Ben Hutchings) - hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race (Gui-Dong Han) - wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enoughheadroom (Guenter Roeck) - sched: idle: Make skipping governor callbacks more consistent (Rafael J. Wysocki) - nvmet-tcp: fix use-before-check of sg in bounds validation (Cengiz Can) - remoteproc: mediatek: Unprepare SCP clock during system suspend (Tzung-Bi Shih) - net: openvswitch: Avoid releasing netdev before teardown completes (Toke Høiland-Jørgensen) - ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (Rafael J. Wysocki) - net: hsr: fix VLAN add unwind on slave errors (Luka Gejak) - x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39327141] {CVE-2025-54518} - xfrm: esp: ipv4: fix up flags setting (Greg Kroah-Hartman) [Orabug: 39342679] {CVE-2026-43284} - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39342679] {CVE-2026-43284} - KVM: x86: disable preemption around the call to kvm_arch_vcpu_{un|}blocking (Maxim Levitsky) [Orabug: 39334996] - KVM: Don't block+unblock when halt-polling is successful (Sean Christopherson) [Orabug: 39334996] - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167616] {CVE-2026-31402} - net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (Victor Nogueira) [Orabug: 39103230] {CVE-2026-23270} - exadata: tools: perf: update column to comm_nodigit (Stephen Brennan) [Orabug: 39327019] - perf report: Add comm_nodigit sort key (Stephen Brennan) [Orabug: 39327019] - Revert "tools: perf: add comm_ignore_digit column" (Stephen Brennan) [Orabug: 39327019] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 kernel has important updates addressing multiple issues, including CVE-2026-43499. Patching is recommended.. Oracle Linux, kernel updates, important advisory. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux 8 Kernel Important ELSA-2026-50387 CVE-2026-43499

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50387 http://linux.oracle.com/errata/ELSA-2026-50387.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-core-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-debug-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-debug-core-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-devel-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-doc-5.15.0-322.203.3.3.el8uek.noarch.rpm kernel-uek-modules-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-container-5.15.0-322.203.3.3.el8uek.x86_64.rpm kernel-uek-container-debug-5.15.0-322.203.3.3.el8uek.x86_64.rpm aarch64: bpftool-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-core-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-debug-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-debug-core-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-devel-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-doc-5.15.0-322.203.3.3.el8uek.noarch.rpm kernel-uek-modules-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-container-5.15.0-322.203.3.3.el8uek.aarch64.rpm kernel-uek-container-debug-5.15.0-322.203.3.3.el8uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.15.0-322.203.3.3.el8uek.src.rpm RelatedCVEs: CVE-2026-43499 Description of changes: [5.15.0-322.203.3.3] - locking/rtmutex: Skip remove_waiter() when waiter is not enqueued (Davidlohr Bueso) [Orabug: 39706512] - rtmutex: Use waiter::task instead of current in remove_waiter() (Keenan Dong) [Orabug: 39706512] {CVE-2026-43499} _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Important Oracle Linux 8 kernel update addressing security concerns with CVE-2026-43499. Immediate action required for optimum safety.. Oracle Linux kernel security patch CVE-2026-43499 important update. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux 8 Unbound Critical Security Notice ELSA-2026-37282

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-37282 http://linux.oracle.com/errata/ELSA-2026-37282.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: python3-unbound-1.16.2-5.12.el8_10.x86_64.rpm unbound-1.16.2-5.12.el8_10.x86_64.rpm unbound-devel-1.16.2-5.12.el8_10.i686.rpm unbound-devel-1.16.2-5.12.el8_10.x86_64.rpm unbound-libs-1.16.2-5.12.el8_10.i686.rpm unbound-libs-1.16.2-5.12.el8_10.x86_64.rpm aarch64: python3-unbound-1.16.2-5.12.el8_10.aarch64.rpm unbound-1.16.2-5.12.el8_10.aarch64.rpm unbound-devel-1.16.2-5.12.el8_10.aarch64.rpm unbound-libs-1.16.2-5.12.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/unbound-1.16.2-5.12.el8_10.src.rpm Related CVEs: CVE-2026-40622 CVE-2026-41292 CVE-2026-42534 CVE-2026-44390 Description of changes: [1.16.2-5.12] - Fix CVE-2026-40622 (RHEL-184832) - Fix CVE-2026-44390 (RHEL-186680) - Fix CVE-2026-41292 (RHEL-187346) - Fix CVE-2026-42534 (RHEL-187081) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 security advisory ELSA-2026-37282 addresses important issues in unbound packages, enhances system integrity.. Oracle Linux update, unbound security patch, Linux security advisory. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux 8 Tomcat Important Bug Fix Advisory ELSA-2026-37137

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-37137 http://linux.oracle.com/errata/ELSA-2026-37137.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: tomcat-9.0.87-2.el8_10.noarch.rpm tomcat-admin-webapps-9.0.87-2.el8_10.noarch.rpm tomcat-docs-webapp-9.0.87-2.el8_10.noarch.rpm tomcat-el-3.0-api-9.0.87-2.el8_10.noarch.rpm tomcat-jsp-2.3-api-9.0.87-2.el8_10.noarch.rpm tomcat-lib-9.0.87-2.el8_10.noarch.rpm tomcat-servlet-4.0-api-9.0.87-2.el8_10.noarch.rpm tomcat-webapps-9.0.87-2.el8_10.noarch.rpm aarch64: tomcat-9.0.87-2.el8_10.noarch.rpm tomcat-admin-webapps-9.0.87-2.el8_10.noarch.rpm tomcat-docs-webapp-9.0.87-2.el8_10.noarch.rpm tomcat-el-3.0-api-9.0.87-2.el8_10.noarch.rpm tomcat-jsp-2.3-api-9.0.87-2.el8_10.noarch.rpm tomcat-lib-9.0.87-2.el8_10.noarch.rpm tomcat-servlet-4.0-api-9.0.87-2.el8_10.noarch.rpm tomcat-webapps-9.0.87-2.el8_10.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/tomcat-9.0.87-2.el8_10.src.rpm Related CVEs: CVE-2026-29146 CVE-2026-34486 Description of changes: [1:9.0.87-2] - Resolves: RHEL-183993 Remove tomcat clustering JAR from RPM builds _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 updates include important bug fixes for Tomcat, addressing vulnerabilities and enhancing security parameters.. Oracle Linux, Tomcat Updates, Security Fixes, Patch, Threat Mitigation. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux 8 gstreamer1-plugins-bad-free Important Fix ELSA-2026-37130

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-37130 http://linux.oracle.com/errata/ELSA-2026-37130.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: gstreamer1-plugins-bad-free-1.16.1-8.0.1.el8_10.i686.rpm gstreamer1-plugins-bad-free-1.16.1-8.0.1.el8_10.x86_64.rpm gstreamer1-plugins-bad-free-devel-1.16.1-8.0.1.el8_10.i686.rpm gstreamer1-plugins-bad-free-devel-1.16.1-8.0.1.el8_10.x86_64.rpm aarch64: gstreamer1-plugins-bad-free-1.16.1-8.0.1.el8_10.aarch64.rpm gstreamer1-plugins-bad-free-devel-1.16.1-8.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/gstreamer1-plugins-bad-free-1.16.1-8.0.1.el8_10.src.rpm Related CVEs: CVE-2026-52720 CVE-2026-52722 Description of changes: [1.16.1-8.0.1] - Update origin URL [Orabug: 36209826] [1.16.1-8] - Fix for CVE-2026-52720: librfb framebuffer update rectangle validation Resolves: RHEL-184455 [1.16.1-7] - Fix integer overflow in vmncdec (CVE-2026-52722) Resolves: RHEL-184414 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated gstreamer1-plugins-bad-free for Oracle Linux 8 addresses Important issues with CVEs-2026-52720 and 2026-52722.. Oracle Linux, gstreamer1, security updates, plugin vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":1,"type":"x","order":1,"pct":20,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":1,"type":"x","order":2,"pct":20,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":3,"type":"x","order":3,"pct":60,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200