- ipv6: ip6_sk_dst_check() must not assume ipv6 dst (CVE-2013-2232) - af_key: fix info leaks in notify messages (CVE-2013-2234) - af_key: initialize satype in key_notify_policy_flush() (CVE-2013-2237)