The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: out-of-bounds reads in pinctrl subsystem * kernel: Improper input validation in some Intel Ethernet E810 Adapter drivers * kernel: Insufficient access control in some Intel Ethernet E810 Adapter drivers * kernel: Uncontrolled resource consumption in some Intel Ethernet E810 Adapter drivers * kernel: Fragmentation cache not cleared on reconnection * kernel: Reassembling fragments encrypted under different keys * kernel: wifi frame payload being parsed incorrectly as an L2 frame * kernel: Forwarding EAPOL from unauthenticated wifi client * kernel: accepting plaintext data frames in protected networks * kernel: not verifying TKIP MIC of fragmented frames * kernel: accepting fragmented plaintext frames in protected networks * kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header * kernel: accepting plaintext broadcast fragments as full frames * kernel: powerpc: RTAS calls can be used to compromise kernel integrity * kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a read-after-free * kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a long SSID value * kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt * kernel: Improper access control in BlueZ may allow information disclosure vulnerability. * kernel: Use-after-free in ndb_queue_rq in drivers/block/nbd.c * kernel: Linux kernel eBPF RINGBUF map oversized allocation * kernel: double free in bluetooth subsystem when the HCI device initialization fails * kernel: use-after-free in function hci_sock_bound_ioctl * kernel: eBPF 32-bit source register truncation on div/mod * kernel: DoS in rb_per_cpu_empty * kernel: Mounting overlayfs inside an unprivileged user namespace can reveal files * kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt * kernel: Race condition in sctp_destroy_sock list_del * kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode * kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c * kernel: protection can be bypassed to leak content of kernel memory * kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c * kernel: lack a full memory barrier may lead to DoS * kernel: local escalation of privileges in handling of eBPF programs * kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory * kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier * kernel: reassembling encrypted fragments with non-consecutive packet numbers * kernel: reassembling mixed encrypted/plaintext fragments * kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check * kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50 * kernel: NULL pointer dereference in llsec_key_alloc in net/mac802154/llsec.c * kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure * kernel: out of bounds array access in drivers/md/dm-ioctl.c