drm/gpusvm: fix hmm_pfn_to_map_order() usage

drm/amdgpu: validate userq input args

drm/amdgpu: validate userq buffer virtual address and size

f2fs: fix infinite loop in __insert_extent_tree()

drm/amdkfd: Fix mmap write lock not release

sctp: Prevent TOCTOU out-of-bounds write

drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb

smb: client: fix potential UAF in smb2_close_cached_fid()

md/raid10: wait barrier before returning discard request with REQ_NOWAIT

NFSD: Fix crash in nfsd4_read_release()

fbcon: Set fb_display[i]->mode to NULL when the mode is released

fbdev: bitblit: bound-check glyph index in bit_putcs*

wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode

bpf: Sync pending IRQ work before freeing ring buffer

regmap: slimbus: fix bus_context pointer in regmap init calls

usb: gadget: f_fs: Fix epfile null pointer access after ep enable.

usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget

ntfs3: pretend $Extend records as regular files

jfs: Verify inode mode when loading from disk

accel/habanalabs: support mapping cb with vmalloc-backed coherent memory