Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4155 Kirill Tkhai discovered a data leak in the way the XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for a size increase of files with unaligned size. A local attacker can take advantage of this flaw to leak data on the XFS filesystem. CVE-2021-28711, CVE-2021-28712, CVE-2021-28713 Juergen Gross reported that malicious PV backends can cause a denial of service to guests being serviced by those backends via high frequency events, even if those backends are running in a less privileged environment. CVE-2021-28714, CVE-2021-28715 Juergen Gross discovered that Xen guests can force the Linux netback driver to hog large amounts of kernel memory, resulting in denial of service. CVE-2021-39685 Szymon Heidrich discovered a buffer overflow vulnerability in the USB gadget subsystem, resulting in information disclosure, denial of service or privilege escalation. CVE-2021-45095 It was discovered that the Phone Network protocol driver has a reference count leak in the pep_sock_accept function. CVE-2021-45469 Wenqing Liu reported an out-of-bounds memory access in the f2fs implementation if an inode has an invalid last xattr entry. An attacker able to mount a specially crafted image can take advantage of this flaw for denial of service. CVE-2021-45480 A memory leak flaw was discovered in the __rds_conn_create function in the RDS protocol subsystem. CVE-2022-0185 William Liu, Jamie Hill-Daniel, Isaac Badipe, Alec Petridis, Hrvoje Misetic and Philip Papurt discovered a heap-based buffer overflow flaw in the legacy_parse_param function in the Filesystem Context functionality, allowing an local user to escalate privileges. CVE-2022-23222 "tr3e" discovered that the BPF verifier does not properly restrict several *_OR_NULL pointer types allowing these types to do pointer arithmetic. A local user with the ability to call bpf, can take advantage of this flaw to excalate privileges. Unprivileged calls to bpf are disabled by default in Debian, mitigating this flaw.