A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even without knowledge of the key.

In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping.

In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry.

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry.

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios.

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak.

In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one.

In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove.

In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function.

In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup().

In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF.

In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket.

A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition.

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access.

In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions().

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng.

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context.

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups.

In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode.

In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group().

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init().

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message.

In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path.

In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in 'usb_get_bos_descriptor()'.

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET.

In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound.

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm().

In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds.

In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent.

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close.

In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests.

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close.

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug.

In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K.

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref.

In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache.

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset.

In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth.

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow.

In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool.

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault().

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment.

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery.

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero.

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout.

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change.

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes.

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups.

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential sta-link leak.

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination.

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work.

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash.

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash.

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update.

In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head.

In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer.

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior.

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5e_priv_init() cleanup flow.

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree.

In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue.

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash. Bug Fixes: * Kernel panic - kernel BUG at mm/slub.c:376!. * Temporary values in FIPS integrity test should be zeroized [rhel-8.10.z]. * RHEL8.6 - kernel: s390/cpum_cf: make crypto counters upward compatible. * [RHEL8] blktests block/024 failed. * RHEL8.9: EEH injections results Error: Power fault on Port 0 and other call traces(Everest/1050/Shiner). * Latency spikes with Matrox G200 graphic cards.