diff --git a/Patchlist.changelog b/Patchlist.changelog
index 7e17ec4d8..4f89e841b 100644
--- a/Patchlist.changelog
+++ b/Patchlist.changelog
@@ -1,3 +1,6 @@
+"https://gitlab.com/cki-project/kernel-ark/-/commit"/d2fdc4eb94179d410f628f7f56a6740d6d7f6540
+ d2fdc4eb94179d410f628f7f56a6740d6d7f6540 Revert "wifi: cfg80211: Fix use after free for wext"
+
 "https://gitlab.com/cki-project/kernel-ark/-/commit"/a95fa0b4dd6a8a8aa27d72c95cd8fc522f420996
  a95fa0b4dd6a8a8aa27d72c95cd8fc522f420996 iommu/amd: Do not identity map v2 capable device when snp is enabled
 
diff --git a/kernel.spec b/kernel.spec
index 4aeb73e4f..346aedef2 100755
--- a/kernel.spec
+++ b/kernel.spec
@@ -147,17 +147,17 @@ Summary: The Linux kernel
 #  the --with-release option overrides this setting.)
 %define debugbuildsenabled 1
 # define buildid .local
-%define specversion 6.2.3
+%define specversion 6.2.5
 %define patchversion 6.2
 %define pkgrelease 300
 %define kversion 6
-%define tarfile_release 6.2.3
+%define tarfile_release 6.2.5
 # This is needed to do merge window version magic
 %define patchlevel 2
 # This allows pkg_release to have configurable %%{?dist} tag
 %define specrelease 300%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 6.2.3
+%define kabiversion 6.2.5
 
 # If this variable is set to 1, a bpf selftests build failure will cause a
 # fatal kernel package build error
@@ -3345,6 +3345,14 @@ fi
 #
 #
 %changelog
+* Sat Mar 11 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.2.5-300]
+- Drop the applypatches for f37 (Justin M. Forbes)
+
+* Sat Mar 11 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.2.5-0]
+- Revert "wifi: cfg80211: Fix use after free for wext" (Justin M. Forbes)
+- Fix up buildReqs for UKI (Justin M. Forbes)
+- Linux v6.2.5
+
 * Fri Mar 10 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.2.3-0]
 - Add new config option for 6.2.3 (Justin M. Forbes)
 - Only build the efiuki for F37 and newer (Justin M. Forbes)
diff --git a/patch-6.2-redhat.patch b/patch-6.2-redhat.patch
index c27bfcc9f..c3dc3eb97 100644
--- a/patch-6.2-redhat.patch
+++ b/patch-6.2-redhat.patch
@@ -28,15 +28,16 @@
  include/linux/rmi.h                                |   1 +
  include/linux/security.h                           |   5 +
  kernel/module/signing.c                            |   9 +-
+ net/wireless/sme.c                                 |  31 +-
  scripts/tags.sh                                    |   2 +
  security/integrity/platform_certs/load_uefi.c      |   6 +-
  security/lockdown/Kconfig                          |  13 +
  security/lockdown/lockdown.c                       |   1 +
  security/security.c                                |   6 +
- 35 files changed, 980 insertions(+), 177 deletions(-)
+ 36 files changed, 985 insertions(+), 203 deletions(-)
 
 diff --git a/Makefile b/Makefile
-index eef164b4172a..e38d656104e5 100644
+index 1a1d63f2a9ed..eaa3abdb6864 100644
 --- a/Makefile
 +++ b/Makefile
 @@ -22,6 +22,10 @@ $(if $(filter __%, $(MAKECMDGOALS)), \
@@ -936,7 +937,7 @@ index 258d5fe3d395..f7298e3dc8f3 100644
  	if (data->f01_container->dev.driver) {
  		/* Driver already bound, so enable ATTN now. */
 diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
-index 50d858f36a81..d217c6b2c532 100644
+index f8100067502f..e0823c45e2fa 100644
 --- a/drivers/iommu/iommu.c
 +++ b/drivers/iommu/iommu.c
 @@ -8,6 +8,7 @@
@@ -947,7 +948,7 @@ index 50d858f36a81..d217c6b2c532 100644
  #include <linux/kernel.h>
  #include <linux/bits.h>
  #include <linux/bug.h>
-@@ -2811,6 +2812,27 @@ int iommu_dev_disable_feature(struct device *dev, enum iommu_dev_features feat)
+@@ -2813,6 +2814,27 @@ int iommu_dev_disable_feature(struct device *dev, enum iommu_dev_features feat)
  }
  EXPORT_SYMBOL_GPL(iommu_dev_disable_feature);
 
@@ -976,7 +977,7 @@ index 50d858f36a81..d217c6b2c532 100644
   * Changes the default domain of an iommu group that has *only* one device
   *
 diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
-index 20ac67d59034..1c1eb7feb5d4 100644
+index 494fa46f5767..27bc8dd45ad8 100644
 --- a/drivers/pci/quirks.c
 +++ b/drivers/pci/quirks.c
 @@ -4296,6 +4296,30 @@ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_BROADCOM, 0x9000,
@@ -1705,6 +1706,76 @@ index a2ff4242e623..f0d2be1ee4f1 100644
  }
 
  int module_sig_check(struct load_info *info, int flags)
+diff --git a/net/wireless/sme.c b/net/wireless/sme.c
+index 4f813e346a8b..696c6ac76948 100644
+--- a/net/wireless/sme.c
++++ b/net/wireless/sme.c
+@@ -285,15 +285,6 @@ void cfg80211_conn_work(struct work_struct *work)
+ 	wiphy_unlock(&rdev->wiphy);
+ }
+
+-static void cfg80211_step_auth_next(struct cfg80211_conn *conn,
+-				    struct cfg80211_bss *bss)
+-{
+-	memcpy(conn->bssid, bss->bssid, ETH_ALEN);
+-	conn->params.bssid = conn->bssid;
+-	conn->params.channel = bss->channel;
+-	conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
+-}
+-
+ /* Returned bss is reference counted and must be cleaned up appropriately. */
+ static struct cfg80211_bss *cfg80211_get_conn_bss(struct wireless_dev *wdev)
+ {
+@@ -311,7 +302,10 @@ static struct cfg80211_bss *cfg80211_get_conn_bss(struct wireless_dev *wdev)
+ 	if (!bss)
+ 		return NULL;
+
+-	cfg80211_step_auth_next(wdev->conn, bss);
++	memcpy(wdev->conn->bssid, bss->bssid, ETH_ALEN);
++	wdev->conn->params.bssid = wdev->conn->bssid;
++	wdev->conn->params.channel = bss->channel;
++	wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT;
+ 	schedule_work(&rdev->conn_work);
+
+ 	return bss;
+@@ -603,12 +597,7 @@ static int cfg80211_sme_connect(struct wireless_dev *wdev,
+ 	wdev->conn->params.ssid_len = wdev->u.client.ssid_len;
+
+ 	/* see if we have the bss already */
+-	bss = cfg80211_get_bss(wdev->wiphy, wdev->conn->params.channel,
+-			       wdev->conn->params.bssid,
+-			       wdev->conn->params.ssid,
+-			       wdev->conn->params.ssid_len,
+-			       wdev->conn_bss_type,
+-			       IEEE80211_PRIVACY(wdev->conn->params.privacy));
++	bss = cfg80211_get_conn_bss(wdev);
+
+ 	if (prev_bssid) {
+ 		memcpy(wdev->conn->prev_bssid, prev_bssid, ETH_ALEN);
+@@ -619,7 +608,6 @@ static int cfg80211_sme_connect(struct wireless_dev *wdev,
+ 	if (bss) {
+ 		enum nl80211_timeout_reason treason;
+
+-		cfg80211_step_auth_next(wdev->conn, bss);
+ 		err = cfg80211_conn_do_work(wdev, &treason);
+ 		cfg80211_put_bss(wdev->wiphy, bss);
+ 	} else {
+@@ -1497,15 +1485,6 @@ int cfg80211_connect(struct cfg80211_registered_device *rdev,
+ 	} else {
+ 		if (WARN_ON(connkeys))
+ 			return -EINVAL;
+-
+-		/* connect can point to wdev->wext.connect which
+-		 * can hold key data from a previous connection
+-		 */
+-		connect->key = NULL;
+-		connect->key_len = 0;
+-		connect->key_idx = 0;
+-		connect->crypto.cipher_group = 0;
+-		connect->crypto.n_ciphers_pairwise = 0;
+ 	}
+
+ 	wdev->connect_keys = connkeys;
 diff --git a/scripts/tags.sh b/scripts/tags.sh
 index 0d045182c08c..8606325b0ec2 100755
 --- a/scripts/tags.sh
diff --git a/sources b/sources
index be9324de5..4038a9314 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-6.2.3.tar.xz) = 4040ac868957608da771a5701808240899333841d0070ba0d82c69085a81c9f84aa8b8831138e99de72ccb8347e453a7acaeac73e21af04cebd4e17181caba25
-SHA512 (kernel-abi-stablelists-6.2.3.tar.bz2) = 77475eb8890c13e0e4c51e9c678006099c4d2d9a87d1444ecd5937974a4b2a4b9bae552de2e26cdfff1b06c8e0acdf4f321661daaa5a573efdb99e42b3aa27a5
-SHA512 (kernel-kabi-dw-6.2.3.tar.bz2) = b114e6a275c3b5d208f055269943308c410f2c0a7186e07daaac2cbe8a7c03980e1e8d88426e63f406ffa720dccb0c5eea7c40aed8aa42bf67edde6ccf60a7fd
+SHA512 (linux-6.2.5.tar.xz) = cb9666c3038f3d28138c27e30ea37b9be49603ca99d9c88d560152f79cc78b31bba213f7c470d8b159b186228be93718c08623b11f3edffe9c2715788f352a08
+SHA512 (kernel-abi-stablelists-6.2.5.tar.bz2) = b4832eb25252c005568e82621114a2d318b969f9782a36ed9fc4a7e76c28b288bef18a60f47e7a470a6455af5c997465a4aec4ff2b0789604865ca3028c4160f
+SHA512 (kernel-kabi-dw-6.2.5.tar.bz2) = 6fc4fce487a34cb7212b3605ccaebeea7d11a150e77ea0e8125792c5fd05f5646638c7f59c14a45c967a0f63f165260245171998b8e751ad84b7146bd74931cd