diff --git a/blacklist.conf b/blacklist.conf
index e4aac5b..a35d46a 100644
--- a/blacklist.conf
+++ b/blacklist.conf
@@ -1885,3 +1885,8 @@ aa6a45850224fc19dbc6058598a9dc57db45b530 # breaks kAPI semantics in an unaccepta
 67a948779067f5b2e4e0c5aa67d010c525c8a0ad # breaks kAPI semantics in an unacceptable way
 b6be55625138c07627d7559ecdd11333545436ae # breaks kAPI semantics in an unacceptable way
 f88359e1588b85cf0e8209ab7d6620085f3441d9 # not relevant in configurations supported in SLE12
+d120198bd5ff1d41808b6914e1eb89aff937415c # doesn't apply
+85d0011264da24be08ae907d7f29983a597ca9b1 # doesn't apply
+2183de4161b90bd3851ccd3910c87b2c9adfc6ed # doesn't apply
+bc1c56e9bbe92766d017efb5f0a0c71f80da5570 # already applied
+3de218ff39b9e3f0d453fe3154f12a174de44b25 # doesn't apply
diff --git a/patches.suse/cxgb4-fix-wrong-shift.patch b/patches.suse/cxgb4-fix-wrong-shift.patch
new file mode 100644
index 0000000..1fa5350
--- /dev/null
+++ b/patches.suse/cxgb4-fix-wrong-shift.patch
@@ -0,0 +1,35 @@
+From 39eb028183bc7378bb6187067e20bf6d8c836407 Mon Sep 17 00:00:00 2001
+From: Pavel Machek <pavel@denx.de>
+Date: Fri, 18 Jun 2021 11:29:48 +0200
+Subject: [PATCH] cxgb4: fix wrong shift.
+Patch-mainline: v5.13-rc7
+Git-commit: 39eb028183bc7378bb6187067e20bf6d8c836407
+References: git-fixes
+
+While fixing coverity warning, commit dd2c79677375 introduced typo in
+shift value. Fix that.
+
+Signed-off-by: Pavel Machek (CIP) <pavel@denx.de>
+Fixes: dd2c79677375 ("cxgb4: Fix unintentional sign extension issues")
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Acked-by: Denis Kirjanov <denis.kirjanov@suse.com>
+---
+ drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c
+index 22c9ac922eba..6260b3bebd2b 100644
+--- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c
++++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c
+@@ -198,7 +198,7 @@ static void set_nat_params(struct adapter *adap, struct filter_entry *f,
+ 				      WORD_MASK, f->fs.nat_lip[3] |
+ 				      f->fs.nat_lip[2] << 8 |
+ 				      f->fs.nat_lip[1] << 16 |
+-				      (u64)f->fs.nat_lip[0] << 25, 1);
++				      (u64)f->fs.nat_lip[0] << 24, 1);
+ 		}
+ 	}
+ 
+-- 
+2.16.4
+
diff --git a/patches.suse/net-usb-fix-possible-use-after-free-in-smsc75xx_bind.patch b/patches.suse/net-usb-fix-possible-use-after-free-in-smsc75xx_bind.patch
new file mode 100644
index 0000000..c6957b0
--- /dev/null
+++ b/patches.suse/net-usb-fix-possible-use-after-free-in-smsc75xx_bind.patch
@@ -0,0 +1,71 @@
+From 56b786d86694e079d8aad9b314e015cd4ac02a3d Mon Sep 17 00:00:00 2001
+From: Dongliang Mu <mudongliangabcd@gmail.com>
+Date: Wed, 16 Jun 2021 10:48:33 +0800
+Subject: [PATCH] net: usb: fix possible use-after-free in smsc75xx_bind
+Patch-mainline: v5.13-rc7
+Git-commit: 56b786d86694e079d8aad9b314e015cd4ac02a3d
+References: git-fixes
+
+The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind")
+fails to clean up the work scheduled in smsc75xx_reset->
+smsc75xx_set_multicast, which leads to use-after-free if the work is
+scheduled to start after the deallocation. In addition, this patch
+also removes a dangling pointer - dev->data[0].
+
+This patch calls cancel_work_sync to cancel the scheduled work and set
+the dangling pointer to NULL.
+
+Fixes: 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind")
+Signed-off-by: Dongliang Mu <mudongliangabcd@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Acked-by: Denis Kirjanov <denis.kirjanov@suse.com>
+---
+ drivers/net/usb/smsc75xx.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/drivers/net/usb/smsc75xx.c b/drivers/net/usb/smsc75xx.c
+index b286993da67c..13141dbfa3a8 100644
+--- a/drivers/net/usb/smsc75xx.c
++++ b/drivers/net/usb/smsc75xx.c
+@@ -1483,7 +1483,7 @@ static int smsc75xx_bind(struct usbnet *dev, struct usb_interface *intf)
+ 	ret = smsc75xx_wait_ready(dev, 0);
+ 	if (ret < 0) {
+ 		netdev_warn(dev->net, "device not ready in smsc75xx_bind\n");
+-		goto err;
++		goto free_pdata;
+ 	}
+ 
+ 	smsc75xx_init_mac_address(dev);
+@@ -1492,7 +1492,7 @@ static int smsc75xx_bind(struct usbnet *dev, struct usb_interface *intf)
+ 	ret = smsc75xx_reset(dev);
+ 	if (ret < 0) {
+ 		netdev_warn(dev->net, "smsc75xx_reset error %d\n", ret);
+-		goto err;
++		goto cancel_work;
+ 	}
+ 
+ 	dev->net->netdev_ops = &smsc75xx_netdev_ops;
+@@ -1503,8 +1503,11 @@ static int smsc75xx_bind(struct usbnet *dev, struct usb_interface *intf)
+ 	dev->net->max_mtu = MAX_SINGLE_PACKET_SIZE;
+ 	return 0;
+ 
+-err:
++cancel_work:
++	cancel_work_sync(&pdata->set_multicast);
++free_pdata:
+ 	kfree(pdata);
++	dev->data[0] = 0;
+ 	return ret;
+ }
+ 
+@@ -1515,7 +1518,6 @@ static void smsc75xx_unbind(struct usbnet *dev, struct usb_interface *intf)
+ 		cancel_work_sync(&pdata->set_multicast);
+ 		netif_dbg(dev, ifdown, dev->net, "free pdata\n");
+ 		kfree(pdata);
+-		pdata = NULL;
+ 		dev->data[0] = 0;
+ 	}
+ }
+-- 
+2.16.4
+
diff --git a/patches.suse/netfilter-x_tables-fix-compat-match-target-pad-out-o.patch b/patches.suse/netfilter-x_tables-fix-compat-match-target-pad-out-o.patch
new file mode 100644
index 0000000..da8976a
--- /dev/null
+++ b/patches.suse/netfilter-x_tables-fix-compat-match-target-pad-out-o.patch
@@ -0,0 +1,99 @@
+From: Florian Westphal <fw@strlen.de>
+Date: Wed, 7 Apr 2021 21:38:57 +0200
+Subject: netfilter: x_tables: fix compat match/target pad out-of-bound write
+Patch-mainline: v5.12-rc8
+Git-commit: b29c457a6511435960115c0f548c4360d5f4801d
+References: CVE-2021-22555 bsc#1188116
+
+xt_compat_match/target_from_user doesn't check that zeroing the area
+to start of next rule won't write past end of allocated ruleset blob.
+
+Remove this code and zero the entire blob beforehand.
+
+Reported-by: syzbot+cfc0247ac173f597aaaa@syzkaller.appspotmail.com
+Reported-by: Andy Nguyen <theflow@google.com>
+Fixes: 9fa492cdc160c ("[NETFILTER]: x_tables: simplify compat API")
+Signed-off-by: Florian Westphal <fw@strlen.de>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Acked-by: Michal Kubecek <mkubecek@suse.cz>
+
+---
+ net/ipv4/netfilter/arp_tables.c |  2 ++
+ net/ipv4/netfilter/ip_tables.c  |  2 ++
+ net/ipv6/netfilter/ip6_tables.c |  2 ++
+ net/netfilter/x_tables.c        | 10 ++--------
+ 4 files changed, 8 insertions(+), 8 deletions(-)
+
+--- a/net/ipv4/netfilter/arp_tables.c
++++ b/net/ipv4/netfilter/arp_tables.c
+@@ -1187,6 +1187,8 @@ static int translate_compat_table(struct xt_table_info **pinfo,
+ 	if (!newinfo)
+ 		goto out_unlock;
+ 
++	memset(newinfo->entries, 0, size);
++
+ 	newinfo->number = compatr->num_entries;
+ 	for (i = 0; i < NF_ARP_NUMHOOKS; i++) {
+ 		newinfo->hook_entry[i] = compatr->hook_entry[i];
+--- a/net/ipv4/netfilter/ip_tables.c
++++ b/net/ipv4/netfilter/ip_tables.c
+@@ -1434,6 +1434,8 @@ translate_compat_table(struct net *net,
+ 	if (!newinfo)
+ 		goto out_unlock;
+ 
++	memset(newinfo->entries, 0, size);
++
+ 	newinfo->number = compatr->num_entries;
+ 	for (i = 0; i < NF_INET_NUMHOOKS; i++) {
+ 		newinfo->hook_entry[i] = compatr->hook_entry[i];
+--- a/net/ipv6/netfilter/ip6_tables.c
++++ b/net/ipv6/netfilter/ip6_tables.c
+@@ -1450,6 +1450,8 @@ translate_compat_table(struct net *net,
+ 	if (!newinfo)
+ 		goto out_unlock;
+ 
++	memset(newinfo->entries, 0, size);
++
+ 	newinfo->number = compatr->num_entries;
+ 	for (i = 0; i < NF_INET_NUMHOOKS; i++) {
+ 		newinfo->hook_entry[i] = compatr->hook_entry[i];
+--- a/net/netfilter/x_tables.c
++++ b/net/netfilter/x_tables.c
+@@ -593,7 +593,7 @@ void xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr,
+ {
+ 	const struct xt_match *match = m->u.kernel.match;
+ 	struct compat_xt_entry_match *cm = (struct compat_xt_entry_match *)m;
+-	int pad, off = xt_compat_match_offset(match);
++	int off = xt_compat_match_offset(match);
+ 	u_int16_t msize = cm->u.user.match_size;
+ 	char name[sizeof(m->u.user.name)];
+ 
+@@ -603,9 +603,6 @@ void xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr,
+ 		match->compat_from_user(m->data, cm->data);
+ 	else
+ 		memcpy(m->data, cm->data, msize - sizeof(*cm));
+-	pad = XT_ALIGN(match->matchsize) - match->matchsize;
+-	if (pad > 0)
+-		memset(m->data + match->matchsize, 0, pad);
+ 
+ 	msize += off;
+ 	m->u.user.match_size = msize;
+@@ -945,7 +942,7 @@ void xt_compat_target_from_user(struct xt_entry_target *t, void **dstptr,
+ {
+ 	const struct xt_target *target = t->u.kernel.target;
+ 	struct compat_xt_entry_target *ct = (struct compat_xt_entry_target *)t;
+-	int pad, off = xt_compat_target_offset(target);
++	int off = xt_compat_target_offset(target);
+ 	u_int16_t tsize = ct->u.user.target_size;
+ 	char name[sizeof(t->u.user.name)];
+ 
+@@ -955,9 +952,6 @@ void xt_compat_target_from_user(struct xt_entry_target *t, void **dstptr,
+ 		target->compat_from_user(t->data, ct->data);
+ 	else
+ 		memcpy(t->data, ct->data, tsize - sizeof(*ct));
+-	pad = XT_ALIGN(target->targetsize) - target->targetsize;
+-	if (pad > 0)
+-		memset(t->data + target->targetsize, 0, pad);
+ 
+ 	tsize += off;
+ 	t->u.user.target_size = tsize;
diff --git a/patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch b/patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
new file mode 100644
index 0000000..a41792b
--- /dev/null
+++ b/patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
@@ -0,0 +1,29 @@
+From: Eric Sandeen <sandeen@redhat.com>
+Subject: seq_file: Disallow extremely large seq buffer allocations
+References: bsc#1188062, CVE-2021-33909
+Patch-mainline: Not yet, embargoed security
+
+There is no reasonable need for a buffer larger than this,
+and it avoids int overflow pitfalls.
+
+Suggested-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Eric Sandeen <sandeen@redhat.com>
+Acked-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
+---
+
+---
+ fs/seq_file.c |    3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/fs/seq_file.c
++++ b/fs/seq_file.c
+@@ -25,6 +25,9 @@
+ 
+ static void *seq_buf_alloc(unsigned long size)
+ {
++	if (unlikely(size > MAX_RW_COUNT))
++		return NULL;
++
+ 	return kvmalloc(size, GFP_KERNEL);
+ }
+ 
diff --git a/series.conf b/series.conf
index e9b8dd5..a6d19e8 100644
--- a/series.conf
+++ b/series.conf
@@ -58718,6 +58718,7 @@
 	patches.suse/HID-alps-fix-error-return-code-in-alps_input_configu.patch
 	patches.suse/HID-wacom-Assign-boolean-values-to-a-bool-variable.patch
 	patches.suse/HID-wacom-set-EV_KEY-and-EV_ABS-only-for-non-HID_GEN.patch
+	patches.suse/netfilter-x_tables-fix-compat-match-target-pad-out-o.patch
 	patches.suse/ibmvnic-avoid-calling-napi_disable-twice.patch
 	patches.suse/ibmvnic-remove-duplicate-napi_schedule-call-in-do_re.patch
 	patches.suse/ibmvnic-remove-duplicate-napi_schedule-call-in-open-.patch
@@ -59206,9 +59207,11 @@
 	patches.suse/cfg80211-call-cfg80211_leave_ocb-when-switching-away.patch
 	patches.suse/alx-Fix-an-error-handling-path-in-alx_probe.patch
 	patches.suse/bpf-Fix-leakage-under-speculation-on-mispredicted-br.patch
+	patches.suse/net-usb-fix-possible-use-after-free-in-smsc75xx_bind.patch
 	patches.suse/can-bcm-fix-infoleak-in-struct-bcm_msg_head.patch
 	patches.suse/can-mcba_usb-fix-memory-leak-in-mcba_usb.patch
 	patches.suse/r8152-Avoid-memcpy-over-reading-of-ETH_SS_STATS.patch
+	patches.suse/cxgb4-fix-wrong-shift.patch
 	patches.suse/Revert-PCI-PM-Do-not-read-power-state-in-pci_enable_.patch
 	patches.suse/drm-nouveau-wait-for-moving-fence-after-pinning-v2.patch
 	patches.suse/drm-radeon-wait-for-moving-fence-after-pinning.patch
@@ -59701,6 +59704,7 @@
 	patches.suse/procfs-add-tunable-for-fd-fdinfo-dentry-retention.patch
 	patches.suse/fs-namespace.c-fix-mountpoint-reference-counter-race.patch
 	patches.suse/DMAPI-work-around-12sp5.patch
+	patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
 
 	########################################################
 	# xfs/ext4/btrfs/reiserfs