From: Sashiko Review <sashiko@example.com> This patch series fixes CVE-2026-43456 in the OLK-6.6 branch. * Patch 1: bonding: fix type confusion in bond_setup_by_slave() (Main CVE fix - prevents kernel crash when non-Ethernet device is enslaved to a bond) * Patch 2: bonding: prevent potential infinite loop in bond_header_parse() (Newbugfix - adds dev parameter to header_ops->parse to prevent infinite loop when bonding devices are stacked) Eric Dumazet (1): bonding: prevent potential infinite loop in bond_header_parse() Jiayuan Chen (1): bonding: fix type confusion in bond_setup_by_slave() drivers/firewire/net.c | 5 ++-- drivers/net/bonding/bond_main.c | 49 ++++++++++++++++++++++++++++++++- include/linux/etherdevice.h | 3 +- include/linux/if_ether.h | 3 +- include/linux/netdevice.h | 6 ++-- net/ethernet/eth.c | 9 ++---- net/ipv4/ip_gre.c | 3 +- net/mac802154/iface.c | 4 ++- net/phonet/af_phonet.c | 5 +++- 9 files changed, 71 insertions(+), 16 deletions(-) -- 2.43.0