- xen/netback: Ensure protocol headers don't fall in the non-linear area (This is XSA-423 / CVE-2022-3643) - xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424 / CVE-2022-42328 / CVE-2022-42329)