diff --git a/debian/changelog b/debian/changelog
index 72453433f..e7d2f952a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,25 @@
-linux (3.2.22-1) UNRELEASED; urgency=low
+linux (3.2.23-1) UNRELEASED; urgency=low
 
   * New upstream stable update:
     http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.22
     - nilfs2: ensure proper cache clearing for gc-inodes
     - ath9k_hw: avoid possible infinite loop in ar9003_get_pll_sqsum_dvc
+    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.23
+    - splice: fix racy pipe->buffers uses
+    - NFC: Prevent multiple buffer overflows in NCI (CVE-2012-3364)
+    - NFC: Return from rawsock_release when sk is NULL
+    - md/raid5: Do not add data_offset before call to is_badblock
+    - md/raid5: In ops_run_io, inc nr_pending before calling
+      md_wait_for_blocked_rdev
+    - md/raid10: fix failure when trying to repair a read error.
+    - udf: Avoid run away loop when partition table length is corrupted
+    - udf: Fortify loading of sparing table (CVE-2012-3400)
+    - l2tp: fix a race in l2tp_ip_sendmsg()
+    - netpoll: fix netpoll_send_udp() bugs
+    - Btrfs: run delayed directory updates during log replay
+    - ocfs2: clear unaligned io flag when dio fails
+    - aio: make kiocb->private NUll in init_sync_kiocb()
+    - mm: Hold a file reference in madvise_remove
 
   [ Ben Hutchings ]
   * linux-libc-dev: Fix redundant 'GNU glibc' in description (Closes: #631228)
diff --git a/debian/patches/bugfix/all/ethtool-allow-ETHTOOL_GSSET_INFO-for-users.patch b/debian/patches/bugfix/all/ethtool-allow-ETHTOOL_GSSET_INFO-for-users.patch
deleted file mode 100644
index f40e768e1..000000000
--- a/debian/patches/bugfix/all/ethtool-allow-ETHTOOL_GSSET_INFO-for-users.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: =?UTF-8?q?Micha=C5=82=20Miros=C5=82aw?= <mirq-linux@rere.qmqm.pl>
-Date: Sun, 22 Jan 2012 00:20:40 +0000
-Subject: ethtool: allow ETHTOOL_GSSET_INFO for users
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-commit f80400a26a2e8bff541de12834a1134358bb6642 upstream.
-
-Allow ETHTOOL_GSSET_INFO ethtool ioctl() for unprivileged users.
-ETHTOOL_GSTRINGS is already allowed, but is unusable without this one.
-
-Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
-Acked-by: Ben Hutchings <bhutchings@solarflare.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
----
- net/core/ethtool.c |    1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/net/core/ethtool.c b/net/core/ethtool.c
-index 921aa2b..369b418 100644
---- a/net/core/ethtool.c
-+++ b/net/core/ethtool.c
-@@ -1311,6 +1311,7 @@ int dev_ethtool(struct net *net, struct ifreq *ifr)
- 	case ETHTOOL_GRXCSUM:
- 	case ETHTOOL_GTXCSUM:
- 	case ETHTOOL_GSG:
-+	case ETHTOOL_GSSET_INFO:
- 	case ETHTOOL_GSTRINGS:
- 	case ETHTOOL_GTSO:
- 	case ETHTOOL_GPERMADDR:
diff --git a/debian/patches/bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-.patch b/debian/patches/bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-.patch
deleted file mode 100644
index 86b0554bc..000000000
--- a/debian/patches/bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From: Jason Wang <jasowang@redhat.com>
-Date: Wed, 30 May 2012 21:18:10 +0000
-Subject: net: sock: validate data_len before allocating skb in
- sock_alloc_send_pskb()
-
-commit cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc upstream.
-
-We need to validate the number of pages consumed by data_len, otherwise frags
-array could be overflowed by userspace. So this patch validate data_len and
-return -EMSGSIZE when data_len may occupies more frags than MAX_SKB_FRAGS.
-
-Signed-off-by: Jason Wang <jasowang@redhat.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
----
- net/core/sock.c |    7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/net/core/sock.c b/net/core/sock.c
-index 653f8c0..9e5b71f 100644
---- a/net/core/sock.c
-+++ b/net/core/sock.c
-@@ -1592,6 +1592,11 @@ struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
- 	gfp_t gfp_mask;
- 	long timeo;
- 	int err;
-+	int npages = (data_len + (PAGE_SIZE - 1)) >> PAGE_SHIFT;
-+
-+	err = -EMSGSIZE;
-+	if (npages > MAX_SKB_FRAGS)
-+		goto failure;
- 
- 	gfp_mask = sk->sk_allocation;
- 	if (gfp_mask & __GFP_WAIT)
-@@ -1610,14 +1615,12 @@ struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len,
- 		if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) {
- 			skb = alloc_skb(header_len, gfp_mask);
- 			if (skb) {
--				int npages;
- 				int i;
- 
- 				/* No pages, we're done... */
- 				if (!data_len)
- 					break;
- 
--				npages = (data_len + (PAGE_SIZE - 1)) >> PAGE_SHIFT;
- 				skb->truesize += data_len;
- 				skb_shinfo(skb)->nr_frags = npages;
- 				for (i = 0; i < npages; i++) {
diff --git a/debian/patches/series b/debian/patches/series
index 9f1b3fbec..05f7b9d4e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -305,7 +305,6 @@ features/all/hidepid/0004-proc-fix-mount-t-proc-o-AAA.patch
 
 bugfix/all/NFSv4-Reduce-the-footprint-of-the-idmapper.patch
 bugfix/all/NFSv4-Further-reduce-the-footprint-of-the-idmapper.patch
-bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-.patch
 
 bugfix/all/macvtap-zerocopy-fix-offset-calculation-when-buildin.patch
 bugfix/all/macvtap-zerocopy-fix-truesize-underestimation.patch
@@ -314,7 +313,6 @@ bugfix/all/macvtap-zerocopy-set-SKBTX_DEV_ZEROCOPY-only-when-sk.patch
 bugfix/all/macvtap-zerocopy-validate-vectors-before-building-sk.patch
 
 bugfix/all/KVM-Fix-buffer-overflow-in-kvm_set_irq.patch
-bugfix/all/ethtool-allow-ETHTOOL_GSSET_INFO-for-users.patch
 
 # CPU sysdev removal from 3.3 and x86 CPU auto-loading from 3.4
 features/all/cpu-devices/driver-core-implement-sysdev-functionality-for-regul.patch