HDF5 H5FL.c H5FL__malloc memory leak

HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow

Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()

Integer Truncation on SQLite

libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.

In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()

mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()

NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

crypto: starfive - Correctly handle return of sg_nents_for_len

wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()

backlight: led-bl: Add devlink to supplier LEDs

drm/vgem-fence: Fix potential deadlock on release

block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock

staging: most: remove broken i2c driver

ALSA: firewire-motu: add bounds check in put_user loop for DSP events

spi: tegra210-quad: Fix timeout handling

scsi: qla2xxx: Clear cmds after chip reset

bpf: Free special fields when update [lru_,]percpu_hash maps