INFSA-2025:11299: kernel-rt security update

Information about definition

Identifier: INFSA-2025:11299

Type: security

Release date: 2025-07-25 10:14:45 UTC

Information about package

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Vulnerabilities description

  • CVE-2025-23150

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split.

  • CVE-2025-37738

    A use-after-free vulnerability has been discovered in the Linux kernel, specifically within the ext4_xattr_inode_dec_ref_all function (related to the ext4 filesystem's extended attributes). An attacker could exploit this flaw by providing a specially crafted payload, leading to a denial of service condition that compromises system availability.

  • CVE-2025-21991

    In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes.

  • CVE-2025-22004

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send().

  • CVE-2022-49058

    In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks.

  • CVE-2022-49788

    In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram().

  • CVE-2024-57980

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path.

  • CVE-2024-58002

    A dangling pointer vulnerability was found in the Linux kernel. When an async control is written, a copy of a pointer is made in the file handle that started the operation. If the user closes that file descriptor, its structure will be freed and there will be one dangling pointer per pending async control that the driver will try to use, leading to denial of service of the system.

Severity level

| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|     | no information | 7.0            | no information |
|     | no information | 7.1            | no information |
|     | no information | 4.7            | no information |
|     | no information | 7.0            | no information |
|     | no information | 6.7            | no information |
|     | no information | 7.0            | no information |
|     | no information | 7.1            | no information |
|     | no information | 7.1            | no information |
Critical, important, moderate, low

Updated packages