pmdomain: arm: scmi: Fix genpd leak on provider registration failure

drm/amdgpu: fix lock warning in amdgpu_userq_fence_driver_process

drm/amdgpu: remove two invalid BUG_ON()s

crash: fix crashkernel resource shrink

drm/amd/display: Cache streams targeting link when performing LT automation

drm/xe/guc: Add devm release action to safely tear down CT

drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()

HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow

tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()

HDF5 H5Centry.c H5C__load_entry resource consumption

media: nxp: imx8-isi: Fix streaming cleanup on release

amd/amdkfd: enhance kfd process check in switch partition

HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow

In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet.

HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow

Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability

urllib3 Streaming API improperly handles highly compressed data

urllib3 allows an unbounded number of links in the decompression chain

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

LIBPNG has an out-of-bounds read in png_image_read_composite