[4.1.12-124.66.3] - fuse: fix pipe buffer lifetime for direct_io [Orabug: 33981149] {CVE-2022-1011} - vt: drop old FONT ioctls [Orabug: 34408794] {CVE-2021-33656} - video: of_display_timing.h: include errno.h [Orabug: 34408910] {CVE-2021-33655} - fbcon: Disallow setting font bigger than screen size [Orabug: 34408910] {CVE-2021-33655} - scsi: target: Fix WRITE_SAME No Data Buffer crash [Orabug: 34419974] {CVE-2022-21546} - scsi/eh: fix hang adding ehandler wakeups after decrementing host_busy [Orabug: 33349684] [Orabug: 34492498] [4.1.12-124.66.2] - mm: enforce min addr even if capable in expand_downwards [Orabug: 29501997] {CVE-2019-9213} - ACPICA: Reference Counts: increase max to 0x4000 for large servers - ipv4: tcp: send zero IPID in SYNACK messages [Orabug: 33917058] {CVE-2020-36516} - ipv4: Cache net in ip_build_and_send_pkt and ip_queue_xmit [Orabug: 33917058] {CVE-2020-36516} - ipv4: igmp: guard against silly MTU values [Orabug: 33917058] {CVE-2020-36516} - inet: constify ip_dont_fragment arguments [Orabug: 33917058] {CVE-2020-36516} - ip: constify ip_build_and_send_pkt socket argument [Orabug: 33917058] {CVE-2020-36516} - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console [Orabug: 34433461] {CVE-2020-36557} - vt: vt_ioctl: fix race in VT_RESIZEX [Orabug: 34433476] {CVE-2020-36558} - VT_RESIZEX: get rid of field-by-field copyin [Orabug: 34433476] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34460939] [Orabug: 34484730] {CVE-2022-2588} [4.1.12-124.66.1] - net: fix uninit-value in __hw_addr_add_ex [Orabug: 34395887] - mac80211: silence an uninitialized variable warning [Orabug: 34396283]