[4.14.35-2047.512.6.el7uek] - Revert rds/ib: recover rds connection from stuck rx path [Orabug: 34039271] - uek-rpm: update kABI lists for new symbols [Orabug: 33993774] [4.14.35-2047.512.5.el7uek] - netfilter: nf_tables: initialize registers in nft_do_chain [Orabug: 34012925] {CVE-2022-1016} - rds: Fix incorrect initialization order [Orabug: 33923372] - btrfs: unlock newly allocated extent buffer after error [Orabug: 33997138] {CVE-2021-4149} - sr9700: sanity check for packet length [Orabug: 33962706] {CVE-2022-26966} [4.14.35-2047.512.4.el7uek] - Linux 4.14.265 - ext4: fix error handling in ext4_restore_inline_data - EDAC/xgene: Fix deferred probing - EDAC/altera: Fix deferred probing - rtc: cmos: Evaluate century appropriate - selftests: futex: Use variable MAKE instead of make - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. - scsi: bnx2fc: Make bnx2fc_recv_frame mp safe - ASoC: fsl: Add missing error handling in pcm030_fabric_probe - drm/i915/overlay: Prevent divide by zero bugs in scaling - net: macsec: Verify that send_sci is on when setting Tx sci explicitly - net: ieee802154: Return meaningful error codes from the netlink helpers - net: ieee802154: ca8210: Stop leaking skb"s - spi: meson-spicc: add IRQ check in meson_spicc_probe - spi: mediatek: Avoid NULL pointer crash in interrupt - spi: bcm-qspi: check for valid cs before applying chip select - iommu/amd: Fix loop timeout issue in iommu_ga_log_enable - iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping - RDMA/mlx4: Don"t continue event handler after memory allocation failure - block: bio-integrity: Advance seed correctly for larger interval sizes - drm/nouveau: fix off by one in BIOS boundary checking - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw - audit: improve audit queue handling when audit=1 on cmdline - af_packet: fix data-race in packet_setsockopt / packet_setsockopt - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink - net: amd-xgbe: Fix skb data length underflow - net: amd-xgbe: ensure to reset the tx_timer_active flag - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback - netfilter: nat: limit port clash resolution attempts - netfilter: nat: remove l4 protocol port rovers - bpf: fix truncated jump targets on heavy expansions - ipv4: raw: lock the socket in raw_bind - yam: fix a memory leak in yam_siocdevprivate - ibmvnic: don"t spin in tasklet - drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable - drm/msm: Fix wrong size calculation - net-procfs: show net devices bound packet types - NFSv4: nfs_atomic_open can race when looking up a non-regular file - NFSv4: Handle case where the lookup of a directory fails - hwmon: Reduce maximum conversion rate for G781 - ping: fix the sk_bound_dev_if match in ping_lookup - net: fix information leakage in /proc/net/ptype - ipv6_tunnel: Rate limit warning messages - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put - rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev - i40e: fix unsigned stat widths - i40e: Increase delay to 1 s after global EMP reset - lkdtm: Fix content of section containing lkdtm_rodata_do_nothing - powerpc/32: Fix boot failure with GCC latent entropy plugin - net: sfp: ignore disabled SFP node - usb: typec: tcpm: Do not disconnect while receiving VBUS off - USB: core: Fix hang in usb_kill_urb by adding memory barriers - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS - usb: common: ulpi: Fix crash in ulpi_match - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge - tty: Add support for Brainboxes UC cards. - tty: n_gsm: fix SW flow control encoding/handling - serial: stm32: fix software flow control transfer - netfilter: nft_payload: do not update layer 4 checksum when mangling fragments - PM: wakeup: simplify the output logic of pm_show_wakelocks - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices - s390/hypfs: include z/VM guests with access control group set - Bluetooth: refactor malicious adv data check - Linux 4.14.264 - can: bcm: fix UAF of bcm op - Linux 4.14.263 - gianfar: fix jumbo packets+napi+rx overrun crash - gianfar: simplify FCS handling and fix memory leak - drm/ttm/nouveau: don"t call tt destroy callback on alloc failure. - mips,s390,sh,sparc: gup: Work around the COW can break either way issue - lib82596: Fix IRQ check in sni_82596_probe - scripts/dtc: dtx_diff: remove broken example from help text - bcmgenet: add WOL IRQ check - net_sched: restore mpu xxx handling - dmaengine: at_xdmac: Fix at_xdmac_lld struct definition - dmaengine: at_xdmac: Fix lld view setting - dmaengine: at_xdmac: Print debug message after realeasing the lock - dmaengine: at_xdmac: Don"t start transactions at tx_submit level - libcxgb: Don"t accidentally set RTO_ONLINK in cxgb_find_route - netns: add schedule point in ops_exit_list - net: axienet: fix number of TX ring slots for available check - net: axienet: Wait for PhyRstCmplt after core reset - af_unix: annote lockless accesses to unix_tot_inflight gc_in_progress - parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries - net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module - powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses - powerpc/cell: Fix clang -Wimplicit-fallthrough warning - RDMA/rxe: Fix a typo in opcode name - RDMA/hns: Modify the mapping attribute of doorbell to device - Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization - firmware: Update Kconfig help text for Google firmware - drm/radeon: fix error handling in radeon_driver_open_kms - crypto: stm32/crc32 - Fix kernel BUG triggered in probe - ext4: don"t use the orphan list when migrating an inode - ext4: Fix BUG_ON in ext4_bread when write quota data - ext4: set csum seed in tmp inode while migrating to extents - ext4: make sure quota gets properly shutdown on error - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds - cputime, cpuacct: Include guest time in user time in cpuacct.stat - serial: Fix incorrect rs485 polarity on uart open - ubifs: Error path in ubifs_remount_rw seems to wrongly free write buffers - power: bq25890: Enable continuous conversion for ADC at charging - ASoC: mediatek: mt8173: fix device_node leak - scsi: sr: Don"t use GFP_DMA - MIPS: Octeon: Fix build errors using clang - i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters - MIPS: OCTEON: add put_device after of_find_device_by_node - ALSA: seq: Set upper limit of processed events - w1: Misuse of get_user/put_user reported by sparse - i2c: mpc: Correct I2C reset procedure - powerpc/smp: Move setup_profiling_timer under CONFIG_PROFILING - i2c: i801: Don"t silently correct invalid transfer size - powerpc/watchdog: Fix missed watchdog reset due to memory ordering race - powerpc/btext: add missing of_node_put - powerpc/cell: add missing of_node_put - powerpc/powernv: add missing of_node_put - powerpc/6xx: add missing of_node_put - parisc: Avoid calling faulthandler_disabled twice - serial: core: Keep mctrl register state and cached copy in sync - serial: pl010: Drop CR register reset on set_termios - net: phy: marvell: configure RGMII delays for 88E1118 - dm space map common: add bounds check to sm_ll_lookup_bitmap - dm btree: add a defensive bounds check to insert_at - mac80211: allow non-standard VHT MCS-10/11 - net: mdio: Demote probed message to debug print - btrfs: remove BUG_ON in find_parent_nodes - btrfs: remove BUG_ON in find_parent_nodes - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R - ACPICA: Utilities: Avoid deleting the same object twice in a row - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions - jffs2: GC deadlock reading a page that is used in jffs2_write_begin - um: registers: Rename function names to avoid conflicts and build problems - iwlwifi: remove module loading failure message - iwlwifi: fix leaks/bad data after failed firmware load - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 - arm64: tegra: Adjust length of CCPLEX cluster MMIO region - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach - media: igorplugusb: receiver overflow should be reported - bpf: Do not WARN in bpf_warn_invalid_xdp_action - net: bonding: debug: avoid printing debug logs when bond is not notifying peers - ath10k: Fix tx hanging - iwlwifi: mvm: synchronize with FW after multicast commands - media: m920x: don"t use stack on USB reads - media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach - media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds. - floppy: Add max size check for user space request - usb: uhci: add aspeed ast2600 uhci support - mwifiex: Fix skb_over_panic in mwifiex_usb_recv - HSI: core: Fix return freed object in hsi_new_client - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use - drm/bridge: megachips: Ensure both bridges are probed before registration - mlxsw: pci: Add shutdown method in PCI driver - media: b2c2: Add missing check in flexcop_pci_isr: - HID: apple: Do not reset quirks when the Fn key is not found - usb: gadget: f_fs: Use stream_open for endpoint files - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply - fs: dlm: filter user dlm messages for kernel locks - Bluetooth: Fix debugfs entry leak in hci_register_dev - RDMA/cxgb4: Set queue pair state when being queried - mips: bcm63xx: add support for clk_set_parent - mips: lantiq: add support for clk_set_parent - misc: lattice-ecp3-config: Fix task hung when firmware load failed - ASoC: samsung: idma: Check of ioremap return value - iommu/iova: Fix race between FQ timeout and teardown - dmaengine: pxa/mmp: stop referencing config-gt;slave_id - RDMA/core: Let ib_find_gid continue search even after empty entry - scsi: ufs: Fix race conditions related to driver data - char/mwave: Adjust io port register size - ALSA: oss: fix compile error when OSS_DEBUG is enabled - powerpc/prom_init: Fix improper check of prom_getprop - RDMA/hns: Validate the pkey index - ALSA: hda: Add missing rwsem around snd_ctl_remove calls - ALSA: PCM: Add missing rwsem around snd_ctl_remove calls - ALSA: jack: Add missing rwsem around snd_ctl_remove calls - ext4: avoid trim error on fs with small groups - net: mcs7830: handle usb read errors properly - pcmcia: fix setting of kthread task states - can: xilinx_can: xcan_probe: check for error irq - can: softing: softing_startstop: fix set but not used variable warning - tpm: add request_locality before write TPM_INT_ENABLE - spi: spi-meson-spifc: Add missing pm_runtime_disable in meson_spifc_probe - fsl/fman: Check for null pointer after calling devm_ioremap - ppp: ensure minimum packet size in ppp_write - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region - x86/mce/inject: Avoid out-of-bounds write when setting flags - usb: ftdi-elan: fix memory leak on device disconnect - media: msi001: fix possible null-ptr-deref in msi001_probe - media: dw2102: Fix use after free - sched/rt: Try to restart rt period timer when rt runtime exceeded - media: si2157: Fix warm tuner state detection - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach - media: dib8000: Fix a memleak in dib8000_init - floppy: Fix hang in watchdog when disk is ejected - serial: amba-pl011: do not request memory region twice - drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms - drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode - arm64: dts: qcom: msm8916: fix MMC controller aliases - netfilter: bridge: add support for pppoe filtering - media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released - tty: serial: atmel: Call dma_async_issue_pending - tty: serial: atmel: Check return code of dmaengine_submit - crypto: qce - fix uaf on qce_ahash_register_one - media: dmxdev: fix UAF when dvb_register_device fails - Bluetooth: stop proccessing malicious adv data - media: em28xx: fix memory leak in em28xx_init_dev - wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND - clk: bcm-2835: Remove rounding up the dividers - clk: bcm-2835: Pick the closest clock rate - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets fails - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode - can: softing_cs: softingcs_probe: fix memleak on registration failure - media: stk1160: fix control-message timeouts - media: pvrusb2: fix control-message timeouts - media: redrat3: fix control-message timeouts - media: dib0700: fix undefined behavior in tuner shutdown - media: s2255: fix control-message timeouts - media: cpia2: fix control-message timeouts - media: em28xx: fix control-message timeouts - media: mceusb: fix control-message timeouts - media: flexcop-usb: fix control-message timeouts - rtc: cmos: take rtc_lock while reading from CMOS - nfc: llcp: fix NULL error pointer dereference on sendmsg after failed bind - HID: wacom: Avoid using stale array indicies to read contact count - HID: wacom: Ignore the confidence flag when a touch is removed - HID: uhid: Fix worker destroying device without any protection - Bluetooth: fix init and cleanup of sco_conn.timeout_work - Bluetooth: schedule SCO timeouts with delayed_work - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore with interrupts enabled - media: uvcvideo: fix division by zero at stream start - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc - drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk - staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn - random: fix data race on crng init time - random: fix data race on crng_node_pool - can: gs_usb: gs_can_start_xmit: zero-initialize hf-gt;{flags,reserved} - can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data - mfd: intel-lpss: Fix too early PM enablement in the ACPI -gt;probe - USB: Fix slab-out-of-bounds Write bug in usb_hcd_poll_rh_status - USB: core: Fix bug in resuming hub"s handling of wakeup requests - Bluetooth: bfusb: fix division by zero in send path - Linux 4.14.262 - mISDN: change function names to avoid conflicts - net: udp: fix alignment problem in udp4_seq_show - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate - scsi: libiscsi: Fix UAF in iscsi_conn_get_param/iscsi_conn_teardown - ipv6: Do cleanup if attribute validation fails in multipath route - ipv6: Continue processing multipath route even if gateway attribute is invalid - phonet: refcount leak in pep_sock_accep - rndis_host: support Hytera digital radios - power: reset: ltc2952: Fix use of floating point literals - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route - ipv6: Check attribute length for RTA_GATEWAY in multipath route - i40e: Fix incorrect netdev"s real number of RX/TX queues - i40e: fix use-after-free in i40e_sync_filters_subtask - mac80211: initialize variable have_higher_than_11mbit - RDMA/core: Don"t infoleak GRH fields - ieee802154: atusb: fix uninit value in atusb_set_extended_addr - virtio_pci: Support surprise removal of virtio pci device - tracing: Tag trace_percpu_buffer as a percpu pointer - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf - Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models [4.14.35-2047.512.3.el7uek] - lib/timerqueue: Rely on rbtree semantics for next timer [Orabug: 33406086] {CVE-2021-20317} {CVE-2021-20317} - rds/ib: Resize CQ if send-/recv-ring-size are changed [Orabug: 33940520] - uek-rpm: remove uek-rpm/ol8 [Orabug: 33665655] - uek-rpm: Enable config CONFIG_SCSI_MQ_DEFAULT [Orabug: 33973455] - sched: restore the sliding search window for select_idle_cpu [Orabug: 33965297] - NFSv4: Handle case where the lookup of a directory fails [Orabug: 33958155] {CVE-2022-24448} - Linux 4.14.261 - sctp: use call_rcu to free endpoint - net: fix use-after-free in tw_timer_handler - Input: spaceball - fix parsing of movement data packets - Input: appletouch - initialize work before device registration - binder: fix async_free_space accounting for empty parcels - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. - uapi: fix linux/nfc.h userspace compilation errors - nfc: uapi: use kernel size_t to fix user-space builds - fsl/fman: Fix missing put_device call in fman_port_probe - NFC: st21nfca: Fix memory leak in device probe and remove - net: usb: pegasus: Do not drop long Ethernet frames - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write - selinux: initialize proto variable in selinux_ip_postroute_compat - recordmcount.pl: fix typo in s390 mcount regex - platform/x86: apple-gmux: use resource_size with res - HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option - Linux 4.14.260 - phonet/pep: refuse to enable an unbound pipe - hamradio: improve the incomplete fix to avoid NPD - hamradio: defer ax25 kfree after unregister_netdev - ax25: NPD bug when detaching AX25 device - hwmon: Do not report "busy" status bit as alarm - KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state - usb: gadget: u_ether: fix race in setting MAC address in setup phase - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr - ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling - pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines - x86/pkey: Fix undefined behaviour with PKRU_WD_BIT - Input: atmel_mxt_ts - fix double free in mxt_read_info_block - ALSA: drivers: opl3: Fix incorrect use of vp-gt;state - ALSA: jack: Check the return value of kstrdup - hwmon: Fix usage of CONFIG2 register in detect function - sfc: falcon: Check null pointer of rx_queue-gt;page_ring - drivers: net: smc911x: Check for error irq - fjes: Check for error irq - bonding: fix ad_actor_system option setting to default - net: skip virtio_net_hdr_set_proto if protocol already set - qlcnic: potential dereference null pointer of rx_queue-gt;page_ring - spi: change clk_disable_unprepare to clk_unprepare - HID: holtek: fix mouse probing - can: kvaser_usb: get CAN clock frequency from device - net: usb: lan78xx: add Allied Telesis AT29M2-AF - x86/speculation: Add knob for eibrs_retpoline_enabled [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Update link to AMD speculation whitepaper [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Use generic retpoline by default on AMD [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting [Orabug: 33937656] {CVE-2021-26401} - Documentation/hw-vuln: Update spectre doc [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Add eIBRS + Retpoline options [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Merge one test in spectre_v2_user_select_mitigation [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Update ALTERNATIVEs to match upstream [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Fix bug in retpoline mode on AMD with `spectre_v2=none` [Orabug: 33937656] {CVE-2021-26401} - ACPICA: Enable sleep button on ACPI legacy wake [Orabug: 33925502] - ipv4: tcp: send zero IPID in SYNACK messages [Orabug: 33917057] {CVE-2020-36516} - ipv4: avoid using shared IP generator for connected sockets [Orabug: 33917057] {CVE-2020-36516} - lib/iov_iter: initialize flags in new pipe_buffer [Orabug: 33910800] {CVE-2022-0847} - x86/speculation: The choice of retpoline mode is sometimes ignored [Orabug: 33890092] - udf: Restore i_lenAlloc when inode expansion fails [Orabug: 33870267] {CVE-2022-0617} - udf: Fix NULL ptr deref when converting from inline format [Orabug: 33870267] {CVE-2022-0617} - scsi: libiscsi: Hold back_lock when calling iscsi_complete_task [Orabug: 33851182] - drm/vmwgfx: Fix stale file descriptors on failed usercopy [Orabug: 33840433] {CVE-2022-22942} - drm/i915: Flush TLBs before releasing backing store [Orabug: 33835811] {CVE-2022-0330} - proc/vmcore: fix clearing user buffer by properly using clear_user [Orabug: 33832650] - rds/ib: recover rds connection from stuck rx path [Orabug: 33820767] - rds: ib: Make selection of completion_vector QoS aware [Orabug: 33819408] - Enable CONFIG_DM_DUST and nano for UEK5 [Orabug: 33653698] - dm dust: use dust block size for badblocklist index [Orabug: 33653698] - dm dust: Make dm_dust_init and dm_dust_exit static [Orabug: 33653698] - dm dust: remove redundant unsigned comparison to less than zero [Orabug: 33653698] - dm: add dust target [Orabug: 33653698] - hugetlbfs: flush TLBs correctly after huge_pmd_unshare [Orabug: 33617219] {CVE-2021-4002} - rds/ib: handle posted ACK during connection shutdown [Orabug: 33820747] - rds/ib: reap tx completions during connection shutdown [Orabug: 33820747] - rds/ib: recover rds connection from stuck tx path [Orabug: 33820747] - rds/ib: Kernel change to extend rds-info functionality [Orabug: 33821341] - uek-rpm: Add missing symbols to kabi_lockedlist [Orabug: 33871558] [4.14.35-2047.512.1.el7uek] - Revert stable: clamp SUBLEVEL in 4.14 [Orabug: 33861950] - tipc: improve size validations for received domain records [Orabug: 33850803] {CVE-2022-0435} {CVE-2022-0435} - cgroup-v1: Require capabilities to set release_agent [Orabug: 33825688] {CVE-2022-0492} - blk-stat: delete useless code [Orabug: 33772945] - DMA/rxe: Update default value of RXE_MAX_PDN [Orabug: 33676598] [4.14.35-2047.512.0.el7uek] - bpf: Disallow unprivileged bpf by default [Orabug: 33734682] - bpf: Add kconfig knob for disabling unpriv bpf by default [Orabug: 33734682] - RDMA/rxe: Use correct sizing on buffers holding page DMA addresses [Orabug: 33676942] - hwmon: Add support for Zen3 CPUs [Orabug: 33782835] - arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table [Orabug: 33787546] - uek-rpm: Pensando: Enable Elba EDAC [Orabug: 33831294] - dsc-drivers: update for 1.15.9-C-64 [Orabug: 33831294] - drivers/hwmon: Adding support LTC3888 [Orabug: 33831294] - drivers/edac: Add Elba EDAC support [Orabug: 33831294] - arm64/configs: Remove CONFIG_PENSANDO_SOC_CAPMEM_HUGEPAGE [Orabug: 33831294] - drivers/soc/pensando: Add reset cause driver [Orabug: 33831294] - net/rds: Fix memory leak in __rds_conn_create on alloc_ordered_workqueue fail [Orabug: 33811475] - x86/smpboot: check cpu_initialized_mask first after returning from schedule [Orabug: 33544127] - Linux 4.14.259 - xen/console: harden hvc_xen against event channel storms - Input: touchscreen - avoid bitwise vs logical OR warning - ARM: 8800/1: use choice for kernel unwinders - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO - ARM: 8805/2: remove unneeded naked function usage - net: lan78xx: Avoid unnecessary self assignment - fuse: annotate lock in fuse_reverse_inval_entry - ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name - firmware: arm_scpi: Fix string overflow in SCPI genpd driver - net: systemport: Add global locking for descriptor lifecycle - libata: if T_LENGTH is zero, dma direction should be DMA_NONE - timekeeping: Really make sure wall_to_monotonic isn"t positive - USB: serial: option: add Telit FN990 compositions - PCI/MSI: Mask MSI-X vectors only on success - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error - USB: gadget: bRequestType is a bitfield, not a enum - sit: do not call ipip6_dev_free from sit_init_net - net/packet: rx_owner_map depends on pg_vec - ixgbe: set X550 MDIO speed before talking to PHY - igbvf: fix double free in `igbvf_probe` - soc/tegra: fuse: Fix bitwise vs. logical OR warning - dmaengine: st_fdma: fix MODULE_ALIAS - ARM: socfpga: dts: fix qspi node compatible - x86/sme: Explicitly map new EFI memmap table as encrypted - nfsd: fix use-after-free due to delegation race - audit: improve robustness of the audit queue handling - dm btree remove: fix use after free in rebalance_children - recordmcount.pl: look for jgnop instruction as well as bcrl on s390 - mac80211: send ADDBA requests using the tid/queue of the aggregation session - hwmon: Fix warning on /proc/i8k creation error - bpf: fix panic due to oob in bpf_prog_test_run_skb - tracing: Fix a kmemleak false positive in tracing_map - net: netlink: af_netlink: Prevent empty skb by adding a check on len. - i2c: rk3x: Handle a spurious start completion interrupt flag - parisc/agp: Annotate parisc agp init functions with __init - net/mlx4_en: Update reported link modes for 1/10G - drm/msm/dsi: set default num_data_lanes - nfc: fix segfault in nfc_genl_dump_devices_done - Linux 4.14.258 - irqchip: nvic: Fix offset for Interrupt Priority Offsets - irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL - irqchip/armada-370-xp: Fix support for Multi-MSI interrupts - irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove - iio: adc: axp20x_adc: fix charging current reporting on AXP22x - iio: dln2: Check return value of devm_iio_trigger_register - iio: dln2-adc: Fix lockdep complaint - iio: itg3200: Call iio_trigger_notify_done on error - iio: kxsd9: Don"t return error code in trigger handler - iio: ltr501: Don"t return error code in trigger handler - iio: mma8452: Fix trigger reference couting - iio: stk3310: Don"t return error code in interrupt handler - iio: trigger: stm32-timer: fix MODULE_ALIAS - iio: trigger: Fix reference counting - usb: core: config: using bit mask instead of individual bits - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending - usb: core: config: fix validation of wMaxPacketValue entries - USB: gadget: zero allocate endpoint 0 buffers - USB: gadget: detect too-big endpoint 0 requests - net/qla3xxx: fix an error code in ql_adapter_up - net, neigh: clear whole pneigh_entry at alloc time - net: fec: only clear interrupt of handling queue in fec_enet_rx_queue - net: altera: set a couple error code in probe - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero - qede: validate non LSO skb length - block: fix ioprio_get vs setuid - tracefs: Set all files to the same group ownership as the mount option - signalfd: use wake_up_pollfree - binder: use wake_up_pollfree - wait: add wake_up_pollfree - libata: add horkage for ASMedia 1092 - can: m_can: Disable and ignore ELO interrupt - can: pch_can: pch_can_rx_normal: fix use after free - tracefs: Have new files inherit the ownership of their parent - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params* - ALSA: pcm: oss: Limit the period size to 16MB - ALSA: pcm: oss: Fix negative period/buffer sizes - ALSA: ctl: Fix copy of updated id with element read/write - mm: bdi: initialize bdi_min_ratio when bdi is unregistered - IB/hfi1: Correct guard on eager buffer deallocation - seg6: fix the iif in the IPv6 socket control block - nfp: Fix memory leak in nfp_cpp_area_cache_add - bpf: Fix the off-by-two error in range markings - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done - can: sja1000: fix use after free in ems_pcmcia_add_card - HID: check for valid USB device for many HID drivers - HID: wacom: fix problems when device is not a valid USB device - HID: add USB_HID dependancy on some USB HID drivers - HID: add USB_HID dependancy to hid-chicony - HID: add USB_HID dependancy to hid-prodikeys - HID: add hid_is_usb function to make it simpler for USB detection - Linux 4.14.257 {CVE-2021-38199} - parisc: Mark cr16 CPU clocksource unstable on all SMP machines - serial: core: fix transmit-buffer reset and memleak - serial: pl011: Add ACPI SBSA UART match id - tty: serial: msm_serial: Deactivate RX DMA for polling support - x86/64/mm: Map all kernel memory into trampoline_pgd - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect - xhci: Fix commad ring abort, write all 64 bits to CRCR register. - vgacon: Propagate console boot parameters before calling `vc_resize" - parisc: Fix make install on newer debian releases - parisc: Fix KBUILD_IMAGE for self-extracting kernel - net/smc: Keep smc_close_final rc during active close - net/rds: correct socket tunable error in rds_tcp_tune - net: usb: lan78xx: lan78xx_phy_init: use PHY_POLL instead of 0 if no IRQ is available - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources - siphash: use _unaligned version by default - net: mpls: Fix notifications when deleting a device - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings - natsemi: xtensa: fix section mismatch warnings - sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl - kprobes: Limit max data_size of the kretprobe instances - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit - perf hist: Fix memory leak of a perf_hpp_fmt - net: ethernet: dec: tulip: de4x5: fix possible array overflows in type3_infoblock - net: tulip: de4x5: fix the problem that the array "lp-gt;phy[8]" may be out of bound - ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port - scsi: iscsi: Unblock session then wake up error handler - thermal: core: Reset previous low and high trip during thermal zone init - btrfs: check-integrity: fix a warning on write caching disabled disk - s390/setup: avoid using memblock_enforce_memory_limit - platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep - net: return correct error code - NFSv42: Fix pagecache invalidation after COPY/CLONE - ipc: WARN if trying to remove ipc object which is absent - shm: extend forced shm destroy to support objects from several IPC nses - tty: hvc: replace BUG_ON with negative return value - xen: sync include/xen/interface/io/ring.h with Xen"s newest version - fuse: release pipe buf after last use - NFC: add NCI_UNREG flag to eliminate the race - arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function - arm64: dts: marvell: armada-37xx: declare PCIe reset pin - pinctrl: armada-37xx: Correct PWM pins definitions - pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup - pinctrl: armada-37xx: Correct mpp definitions - PCI: aardvark: Fix checking for link up via LTSSM state - PCI: aardvark: Fix link training - PCI: aardvark: Fix PCIe Max Payload Size setting - PCI: aardvark: Configure PCIe resources from "ranges" DT property - PCI: aardvark: Remove PCIe outbound window configuration - PCI: aardvark: Update comment about disabling link training - PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link - PCI: aardvark: Fix compilation on s390 - PCI: aardvark: Don"t touch PCIe registers if no card connected - PCI: aardvark: Introduce an advk_pcie_valid_device helper - PCI: aardvark: Indicate error in "val" when config read fails - PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros - PCI: aardvark: Issue PERST via GPIO - PCI: aardvark: Improve link training - PCI: aardvark: Train link immediately after enabling training - PCI: aardvark: Wait for endpoint to be ready before training link - PCI: aardvark: Fix a leaked reference by adding missing of_node_put - PCI: aardvark: Fix I/O space page leak - s390/mm: validate VMA in PGSTE manipulation functions - tracing: Check pid filtering when creating events - vhost/vsock: fix incorrect used length reported to the guest - net/smc: Don"t call clcsock shutdown twice when smc shutdown - MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48 - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows - net/smc: Ensure the active closing peer first closes clcsock - ipv6: fix typos in __ip6_finish_output - drm/vc4: fix error code in vc4_create_object - scsi: mpt3sas: Fix kernel panic during drive powercycle test - ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE - NFSv42: Don"t fail clone unless the OP_CLONE operation failed - net: ieee802154: handle iftypes as u32 - ASoC: topology: Add missing rwsem around snd_ctl_remove calls - ARM: dts: BCM5301X: Add interrupt properties to GPIO node - ARM: dts: BCM5301X: Fix I2C controller interrupt - netfilter: ipvs: Fix reuse connection if RS weight is 0 - tracing: Fix pid filtering when triggers are attached - xen: detect uninitialized xenbus in xenbus_init - xen: don"t continue xenstore initialization in case of errors - fuse: fix page stealing - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect - HID: wacom: Use Confidence flag to prevent reporting invalid contacts - media: cec: copy sequence field for the reply - ALSA: ctxfi: Fix out-of-range access - usb: hub: Fix locking issues with address0_mutex - usb: hub: Fix usb enumeration issue due to address0 race - USB: serial: option: add Fibocom FM101-GL variants - USB: serial: option: add Telit LE910S1 0x9200 composition