In the Linux kernel, the following vulnerability has been resolved:
IB/qib: Protect from buffer overflow in struct qibusersdma_pkt fields
Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all the places doing math on user controlled buffers.