Thanks to Carl George for pointing out these three CVEs being fixed in the CentOS Stream 9 kernel:

https://fosstodon.org/@carlwgeorge/110323344174577155

https://gitlab.com/search?project_id=24152864&scope=merge_requests&search=CVE-2023-0590+%7C+CVE-2023-1249+%7C+CVE-2023-1252&state=merged

For context, here is the original article that Carl is responding to:

https://bugs.chromium.org/p/project-zero/issues/detail?id=2439