[4.14.35-2047.532.3.el7uek] - Revert mmc: core: Capture correct oemid-bits for eMMC cards - media: dvb-usb-v2: af9035: fix missing unlock - perf/core: Fix potential NULL deref [4.14.35-2047.532.2.el7uek] - x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl [Orabug: 35905888] - LTS version: 4.14.328 - Bluetooth: hci_event: Fix using memcmp when comparing keys - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name - Bluetooth: hci_sock: fix slab oob read in create_monitor_event - gpio: vf610: set value before the direction to avoid a glitch - s390/pci: fix iommu bitmap allocation - perf: Disallow mis-matched inherited group reads - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL - USB: serial: option: add entry for Sierra EM9191 with new firmware - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition - ACPI: irq: Fix incorrect return value in acpi_register_gsi - Revert pinctrl: avoid unsafe code pattern in find_pinctrl - mmc: core: Capture correct oemid-bits for eMMC cards - sky2: Make sure there is at least one frag_addr available - wifi: cfg80211: avoid leaking stack data into trace - wifi: mac80211: allow transmitting EAPOL frames with tainted key - Bluetooth: hci_core: Fix build warnings - Bluetooth: Avoid redundant authentication - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event - tracing: relax trace_event_eval_update execution with cond_resched - ata: libata-eh: Fix compilation warning in ata_eh_link_report - gpio: timberdale: Fix potential deadlock on tgpio-lock - overlayfs: set ctime when setting mtime and atime - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter - btrfs: initialize start_slot in btrfs_log_prealloc_extents - ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone - i40e: prevent crash on probe if hw registers have invalid values - net: usb: smsc95xx: Fix an error code in smsc95xx_reset - net: rfkill: gpio: prevent value glitch during probe - net: ipv6: fix return value check in esp_remove_trailer - net: ipv4: fix return value check in esp_remove_trailer - xfrm: fix a data-race in xfrm_gen_index - netfilter: nft_payload: fix wrong mac header matching - KVM: x86: Mask LVTPC when handling a PMI - regmap: fix NULL deref on lookup - nfc: nci: fix possible NULL pointer dereference in send_acknowledge - Bluetooth: avoid memcmp out of bounds warning - Bluetooth: hci_event: Fix coding style - Bluetooth: vhci: Fix race when opening vhci device - Bluetooth: Fix a refcnt underflow problem for hci_conn - Bluetooth: Reject connection with the device which has same BD_ADDR - Bluetooth: hci_event: Ignore NULL link key - usb: hub: Guard against accesses to uninitialized BOS descriptors - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs - usb: gadget: ncm: Handle decoding of multiple NTB"s in unwrap call - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio - pinctrl: avoid unsafe code pattern in find_pinctrl - cgroup: Remove duplicates in cgroup v1 tasks file - Input: xpad - add PXN V900 support - Input: powermate - fix use-after-free in powermate_config_complete - ceph: fix incorrect revoked caps assert in ceph_fill_file_size - mcb: remove is_added flag from mcb_device struct - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug - iio: pressure: bmp280: Fix NULL pointer exception - usb: musb: Modify the HWVers register address - usb: musb: Get the musb_qh poniter after musb_giveback - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer - workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask - nfc: nci: assert requested protocol is valid - ixgbe: fix crash with empty VF macvlan list - drm/vmwgfx: fix typo of sizeof argument - ieee802154: ca8210: Fix a potential UAF in ca8210_probe - drm: etvnaviv: fix bad backport leading to warning - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect - RDMA/cxgb4: Check skb value for failure to allocate - LTS version: 4.14.327 - parisc: Restore __ldcw_align for PA-RISC 2.0 processors - RDMA/mlx5: Fix NULL string error - RDMA/cma: Fix truncation compilation warning in make_cma_ports - gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config - IB/mlx4: Fix the size of a buffer in add_port_entries - cpupower: add Makefile dependencies for install targets - sctp: update hb timer immediately after users change hb_interval - sctp: update transport state when processing a dupcook packet - tcp: fix delayed ACKs for MSS boundary condition - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data - modpost: add missing else to the of check - scsi: target: core: Fix deadlock due to recursive locking - regmap: rbtree: Fix wrong register marked as in-cache when creating new node - drivers/net: process the result of hdlc_open and add call of hdlc_close in uhdlc_close - ubi: Refuse attaching if mtd"s erasesize is 0 - wifi: mwifiex: Fix tlv_buf_left calculation - scsi: zfcp: Fix a double put in zfcp_port_enqueue - media: dvb: symbol fixup for dvb_attach - again - ata: libata: disallow dev-initiated LPM transitions to unsupported states - net/sched: sch_hfsc: Ensure inner classes have fsc curve [Orabug: 35810543] {CVE-2023-4623} - ext4: fix rec_len verify error - vc_screen: reload load of struct vc_data pointer in vcs_write to avoid UAF - fs: binfmt_elf_efpic: fix personality for ELF-FDPIC - ata: libata-sata: increase PMP SRST timeout to 10s - ata: libata-core: Fix port and device removal - ata: libata-core: Fix ata_port_request_pm locking - btrfs: properly report 0 avail for very full file systems - i2c: i801: unregister tco_pdev in i801_probe error path - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data - serial: 8250_port: Check IRQ data before use - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running - watchdog: iTCO_wdt: No need to stop the timer in probe - ata: libahci: clear pending interrupt status - ata: ahci: Drop pointless VPRINTK calls and convert the remaining ones - fbdev/sh7760fb: Depend on FB=y - ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset - ring-buffer: Avoid softlockup in ring_buffer_resize - selftests/ftrace: Correctly enable event in instance-event.tc - parisc: irq: Make irq_stack_union static to avoid sparse warning - parisc: iosapic.c: Fix sparse warnings - parisc: sba: Fix compile warning wrt list of SBA devices - xtensa: boot/lib: fix function prototypes - xtensa: boot: don"t add include-dirs - clk: tegra: fix error return case for recalc_rate - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe - team: fix null-ptr-deref when team device type is changed - powerpc/perf/hv-24x7: Update domain value check - ipv4: fix null-deref in ipv4_link_failure - NFS/pNFS: Report EINVAL errors from connect to the server [4.14.35-2047.532.1.el7uek] - rds/ib: Preserve dest qp num in the connect request [Orabug: 35649849] - rds: Provision to allow all trace points at module load time [Orabug: 35355776]