diff -u linux-ibm-5.15-5.15.0/debian.ibm-5.15/changelog linux-ibm-5.15-5.15.0/debian.ibm-5.15/changelog
--- linux-ibm-5.15-5.15.0/debian.ibm-5.15/changelog
+++ linux-ibm-5.15-5.15.0/debian.ibm-5.15/changelog
@@ -1,3 +1,21 @@
+linux-ibm-5.15 (5.15.0-1055.58~20.04.1) focal; urgency=medium
+
+  * focal/linux-ibm-5.15: 5.15.0-1055.58~20.04.1 -proposed tracker
+    (LP: #2063604)
+
+  [ Ubuntu: 5.15.0-1055.58 ]
+
+  * jammy/linux-ibm: 5.15.0-1055.58 -proposed tracker (LP: #2063605)
+  * jammy/linux: 5.15.0-107.117 -proposed tracker (LP: #2063635)
+  * CVE-2023-52530
+    - wifi: mac80211: fix potential key use-after-free
+  * CVE-2024-26622
+    - tomoyo: fix UAF write bug in tomoyo_write_control()
+  * CVE-2023-47233
+    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
+
+ -- Hui Wang <hui.wang@canonical.com>  Thu, 09 May 2024 11:33:20 +0800
+
 linux-ibm-5.15 (5.15.0-1054.57~20.04.1) focal; urgency=medium
 
   * focal/linux-ibm-5.15: 5.15.0-1054.57~20.04.1 -proposed tracker
diff -u linux-ibm-5.15-5.15.0/debian.ibm-5.15/tracking-bug linux-ibm-5.15-5.15.0/debian.ibm-5.15/tracking-bug
--- linux-ibm-5.15-5.15.0/debian.ibm-5.15/tracking-bug
+++ linux-ibm-5.15-5.15.0/debian.ibm-5.15/tracking-bug
@@ -1 +1 @@
-2061782 2024.04.01-3
+2063604 s2024.04.01-1
diff -u linux-ibm-5.15-5.15.0/debian.ibm/changelog linux-ibm-5.15-5.15.0/debian.ibm/changelog
--- linux-ibm-5.15-5.15.0/debian.ibm/changelog
+++ linux-ibm-5.15-5.15.0/debian.ibm/changelog
@@ -1,3 +1,19 @@
+linux-ibm (5.15.0-1055.58) jammy; urgency=medium
+
+  * jammy/linux-ibm: 5.15.0-1055.58 -proposed tracker (LP: #2063605)
+
+  [ Ubuntu: 5.15.0-107.117 ]
+
+  * jammy/linux: 5.15.0-107.117 -proposed tracker (LP: #2063635)
+  * CVE-2023-52530
+    - wifi: mac80211: fix potential key use-after-free
+  * CVE-2024-26622
+    - tomoyo: fix UAF write bug in tomoyo_write_control()
+  * CVE-2023-47233
+    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
+
+ -- John Cabaj <john.cabaj@canonical.com>  Tue, 30 Apr 2024 09:53:47 -0500
+
 linux-ibm (5.15.0-1054.57) jammy; urgency=medium
 
   * jammy/linux-ibm: 5.15.0-1054.57 -proposed tracker (LP: #2061783)
diff -u linux-ibm-5.15-5.15.0/debian.ibm/tracking-bug linux-ibm-5.15-5.15.0/debian.ibm/tracking-bug
--- linux-ibm-5.15-5.15.0/debian.ibm/tracking-bug
+++ linux-ibm-5.15-5.15.0/debian.ibm/tracking-bug
@@ -1 +1 @@
-2061783 2024.04.01-3
+2063605 s2024.04.01-1
diff -u linux-ibm-5.15-5.15.0/debian.master/changelog linux-ibm-5.15-5.15.0/debian.master/changelog
--- linux-ibm-5.15-5.15.0/debian.master/changelog
+++ linux-ibm-5.15-5.15.0/debian.master/changelog
@@ -1,3 +1,18 @@
+linux (5.15.0-107.117) jammy; urgency=medium
+
+  * jammy/linux: 5.15.0-107.117 -proposed tracker (LP: #2063635)
+
+  * CVE-2023-52530
+    - wifi: mac80211: fix potential key use-after-free
+
+  * CVE-2024-26622
+    - tomoyo: fix UAF write bug in tomoyo_write_control()
+
+  * CVE-2023-47233
+    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
+
+ -- Stefan Bader <stefan.bader@canonical.com>  Fri, 26 Apr 2024 13:35:57 +0200
+
 linux (5.15.0-106.116) jammy; urgency=medium
 
   * jammy/linux: 5.15.0-106.116 -proposed tracker (LP: #2061812)
diff -u linux-ibm-5.15-5.15.0/debian.master/tracking-bug linux-ibm-5.15-5.15.0/debian.master/tracking-bug
--- linux-ibm-5.15-5.15.0/debian.master/tracking-bug
+++ linux-ibm-5.15-5.15.0/debian.master/tracking-bug
@@ -1 +1 @@
-2061812 2024.04.01-3
+2063635 s2024.04.01-1
diff -u linux-ibm-5.15-5.15.0/debian/changelog linux-ibm-5.15-5.15.0/debian/changelog
--- linux-ibm-5.15-5.15.0/debian/changelog
+++ linux-ibm-5.15-5.15.0/debian/changelog
@@ -1,3 +1,21 @@
+linux-ibm-5.15 (5.15.0-1055.58~20.04.1) focal; urgency=medium
+
+  * focal/linux-ibm-5.15: 5.15.0-1055.58~20.04.1 -proposed tracker
+    (LP: #2063604)
+
+  [ Ubuntu: 5.15.0-1055.58 ]
+
+  * jammy/linux-ibm: 5.15.0-1055.58 -proposed tracker (LP: #2063605)
+  * jammy/linux: 5.15.0-107.117 -proposed tracker (LP: #2063635)
+  * CVE-2023-52530
+    - wifi: mac80211: fix potential key use-after-free
+  * CVE-2024-26622
+    - tomoyo: fix UAF write bug in tomoyo_write_control()
+  * CVE-2023-47233
+    - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
+
+ -- Hui Wang <hui.wang@canonical.com>  Thu, 09 May 2024 11:33:20 +0800
+
 linux-ibm-5.15 (5.15.0-1054.57~20.04.1) focal; urgency=medium
 
   * focal/linux-ibm-5.15: 5.15.0-1054.57~20.04.1 -proposed tracker
diff -u linux-ibm-5.15-5.15.0/debian/control linux-ibm-5.15-5.15.0/debian/control
--- linux-ibm-5.15-5.15.0/debian/control
+++ linux-ibm-5.15-5.15.0/debian/control
@@ -77,7 +77,7 @@
  you do not want this package. Install the appropriate linux-ibm-5.15-headers
  package instead.
 
-Package: linux-ibm-5.15-headers-5.15.0-1054
+Package: linux-ibm-5.15-headers-5.15.0-1055
 Build-Profiles: <!stage1>
 Architecture: all
 Multi-Arch: foreign
@@ -87,44 +87,44 @@
 Description: Header files related to Linux kernel version 5.15.0
  This package provides kernel header files for version 5.15.0, for sites
  that want the latest kernel headers. Please read
- /usr/share/doc/linux-ibm-5.15-headers-5.15.0-1054/debian.README.gz for details
+ /usr/share/doc/linux-ibm-5.15-headers-5.15.0-1055/debian.README.gz for details
 
-Package: linux-ibm-5.15-tools-5.15.0-1054
+Package: linux-ibm-5.15-tools-5.15.0-1055
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: devel
 Priority: optional
 Depends: ${misc:Depends}, ${shlibs:Depends}, linux-tools-common
-Description: Linux kernel version specific tools for version 5.15.0-1054
+Description: Linux kernel version specific tools for version 5.15.0-1055
  This package provides the architecture dependant parts for kernel
  version locked tools (such as perf and x86_energy_perf_policy) for
- version 5.15.0-1054 on
+ version 5.15.0-1055 on
  64 bit x86.
- You probably want to install linux-tools-5.15.0-1054-<flavour>.
+ You probably want to install linux-tools-5.15.0-1055-<flavour>.
 
-Package: linux-ibm-5.15-cloud-tools-5.15.0-1054
+Package: linux-ibm-5.15-cloud-tools-5.15.0-1055
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: devel
 Priority: optional
 Depends: ${misc:Depends}, ${shlibs:Depends}, linux-cloud-tools-common
-Description: Linux kernel version specific cloud tools for version 5.15.0-1054
+Description: Linux kernel version specific cloud tools for version 5.15.0-1055
  This package provides the architecture dependant parts for kernel
- version locked tools for cloud tools for version 5.15.0-1054 on
+ version locked tools for cloud tools for version 5.15.0-1055 on
  64 bit x86.
- You probably want to install linux-cloud-tools-5.15.0-1054-<flavour>.
+ You probably want to install linux-cloud-tools-5.15.0-1055-<flavour>.
 
 
-Package: linux-image-unsigned-5.15.0-1054-ibm
+Package: linux-image-unsigned-5.15.0-1055-ibm
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: kernel
 Priority: optional
 Provides: linux-ibm-5.15-image, fuse-module, aufs-dkms, ${linux:rprovides}
-Depends: ${misc:Depends}, ${shlibs:Depends}, kmod, linux-base (>= 4.5ubuntu1~16.04.1), linux-modules-5.15.0-1054-ibm
+Depends: ${misc:Depends}, ${shlibs:Depends}, kmod, linux-base (>= 4.5ubuntu1~16.04.1), linux-modules-5.15.0-1055-ibm
 Recommends: grub-pc [amd64] | grub-efi-amd64 [amd64] | grub-efi-ia32 [amd64] | grub [amd64] | lilo [amd64] , initramfs-tools | linux-initramfs-tool
-Conflicts: linux-image-5.15.0-1054-ibm
-Suggests: fdutils, linux-ibm-5.15-doc-5.15.0 | linux-ibm-5.15-source-5.15.0, linux-ibm-5.15-tools, linux-headers-5.15.0-1054-ibm
+Conflicts: linux-image-5.15.0-1055-ibm
+Suggests: fdutils, linux-ibm-5.15-doc-5.15.0 | linux-ibm-5.15-source-5.15.0, linux-ibm-5.15-tools, linux-headers-5.15.0-1055-ibm
 Description: Linux kernel image for version 5.15.0 on 64 bit x86 SMP
  This package contains the unsigned Linux kernel image for version 5.15.0 on
  64 bit x86 SMP.
@@ -137,7 +137,7 @@
  the linux-ibm meta-package, which will ensure that upgrades work
  correctly, and that supporting packages are also installed.
 
-Package: linux-modules-5.15.0-1054-ibm
+Package: linux-modules-5.15.0-1055-ibm
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: kernel
@@ -157,12 +157,12 @@
  the linux-ibm meta-package, which will ensure that upgrades work
  correctly, and that supporting packages are also installed.
 
-Package: linux-modules-extra-5.15.0-1054-ibm
+Package: linux-modules-extra-5.15.0-1055-ibm
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: kernel
 Priority: optional
-Depends: ${misc:Depends}, ${shlibs:Depends}, linux-image-5.15.0-1054-ibm | linux-image-unsigned-5.15.0-1054-ibm
+Depends: ${misc:Depends}, ${shlibs:Depends}, linux-image-5.15.0-1055-ibm | linux-image-unsigned-5.15.0-1055-ibm
 Description: Linux kernel extra modules for version 5.15.0 on 64 bit x86 SMP
  This package contains the Linux kernel extra modules for version 5.15.0 on
  64 bit x86 SMP.
@@ -179,21 +179,21 @@
  the linux-ibm meta-package, which will ensure that upgrades work
  correctly, and that supporting packages are also installed.
 
-Package: linux-headers-5.15.0-1054-ibm
+Package: linux-headers-5.15.0-1055-ibm
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: devel
 Priority: optional
-Depends: ${misc:Depends}, linux-ibm-5.15-headers-5.15.0-1054, ${shlibs:Depends}
+Depends: ${misc:Depends}, linux-ibm-5.15-headers-5.15.0-1055, ${shlibs:Depends}
 Provides: linux-headers, linux-headers-3.0
 Description: Linux kernel headers for version 5.15.0 on 64 bit x86 SMP
  This package provides kernel header files for version 5.15.0 on
  64 bit x86 SMP.
  .
  This is for sites that want the latest kernel headers.  Please read
- /usr/share/doc/linux-ibm-5.15-headers-5.15.0-1054/debian.README.gz for details.
+ /usr/share/doc/linux-ibm-5.15-headers-5.15.0-1055/debian.README.gz for details.
 
-Package: linux-image-unsigned-5.15.0-1054-ibm-dbgsym
+Package: linux-image-unsigned-5.15.0-1055-ibm-dbgsym
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: devel
@@ -210,30 +210,30 @@
  is uncompressed, and unstripped. This package also includes the
  unstripped modules.
 
-Package: linux-tools-5.15.0-1054-ibm
+Package: linux-tools-5.15.0-1055-ibm
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: devel
 Priority: optional
-Depends: ${misc:Depends}, linux-ibm-5.15-tools-5.15.0-1054
-Description: Linux kernel version specific tools for version 5.15.0-1054
+Depends: ${misc:Depends}, linux-ibm-5.15-tools-5.15.0-1055
+Description: Linux kernel version specific tools for version 5.15.0-1055
  This package provides the architecture dependant parts for kernel
  version locked tools (such as perf and x86_energy_perf_policy) for
- version 5.15.0-1054 on
+ version 5.15.0-1055 on
  64 bit x86.
 
-Package: linux-cloud-tools-5.15.0-1054-ibm
+Package: linux-cloud-tools-5.15.0-1055-ibm
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: devel
 Priority: optional
-Depends: ${misc:Depends}, linux-ibm-5.15-cloud-tools-5.15.0-1054
-Description: Linux kernel version specific cloud tools for version 5.15.0-1054
+Depends: ${misc:Depends}, linux-ibm-5.15-cloud-tools-5.15.0-1055
+Description: Linux kernel version specific cloud tools for version 5.15.0-1055
  This package provides the architecture dependant parts for kernel
- version locked tools for cloud for version 5.15.0-1054 on
+ version locked tools for cloud for version 5.15.0-1055 on
  64 bit x86.
 
-Package: linux-buildinfo-5.15.0-1054-ibm
+Package: linux-buildinfo-5.15.0-1055-ibm
 Build-Profiles: <!stage1>
 Architecture: amd64
 Section: kernel
diff -u linux-ibm-5.15-5.15.0/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c linux-ibm-5.15-5.15.0/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
--- linux-ibm-5.15-5.15.0/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ linux-ibm-5.15-5.15.0/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -790,8 +790,7 @@
 	scan_request = cfg->scan_request;
 	cfg->scan_request = NULL;
 
-	if (timer_pending(&cfg->escan_timeout))
-		del_timer_sync(&cfg->escan_timeout);
+	timer_delete_sync(&cfg->escan_timeout);
 
 	if (fw_abort) {
 		/* Do a scan abort to stop the driver's scan engine */
@@ -7781,6 +7780,7 @@
 	brcmf_btcoex_detach(cfg);
 	wiphy_unregister(cfg->wiphy);
 	wl_deinit_priv(cfg);
+	cancel_work_sync(&cfg->escan_timeout_work);
 	brcmf_free_wiphy(cfg->wiphy);
 	kfree(cfg);
 }
diff -u linux-ibm-5.15-5.15.0/net/mac80211/cfg.c linux-ibm-5.15-5.15.0/net/mac80211/cfg.c
--- linux-ibm-5.15-5.15.0/net/mac80211/cfg.c
+++ linux-ibm-5.15-5.15.0/net/mac80211/cfg.c
@@ -511,6 +511,9 @@
 		sta->cipher_scheme = cs;
 
 	err = ieee80211_key_link(key, sdata, sta);
+	/* KRACK protection, shouldn't happen but just silently accept key */
+	if (err == -EALREADY)
+		err = 0;
 
  out_unlock:
 	mutex_unlock(&local->sta_mtx);
only in patch2:
unchanged:
--- linux-ibm-5.15-5.15.0.orig/net/mac80211/key.c
+++ linux-ibm-5.15-5.15.0/net/mac80211/key.c
@@ -843,7 +843,7 @@
 	 */
 	if (ieee80211_key_identical(sdata, old_key, key)) {
 		ieee80211_key_free_unused(key);
-		ret = 0;
+		ret = -EALREADY;
 		goto out;
 	}
 
only in patch2:
unchanged:
--- linux-ibm-5.15-5.15.0.orig/security/tomoyo/common.c
+++ linux-ibm-5.15-5.15.0/security/tomoyo/common.c
@@ -2657,13 +2657,14 @@
 {
 	int error = buffer_len;
 	size_t avail_len = buffer_len;
-	char *cp0 = head->write_buf;
+	char *cp0;
 	int idx;
 
 	if (!head->write)
 		return -EINVAL;
 	if (mutex_lock_interruptible(&head->io_sem))
 		return -EINTR;
+	cp0 = head->write_buf;
 	head->read_user_buf_avail = 0;
 	idx = tomoyo_read_lock();
 	/* Read a line and dispatch it to the policy handler. */