On Thu, Apr 18, 2024 at 03:19:46AM +0000, wangzhu wrote:
> Hi Greg, thanks for your reply. Since there is no patch to fix CVE-2023-52624
> in linux-5.10, there is a patch in the linux-6.7 branch to fix it, its commit
> is 2ef98c6d753a744e333b7e34b9cf687040fba57d ("drm/amd/display: Wake DMCUB
> before executing GPINT commands"). When we apply this patch to linux-5.10,
> there are lots of conflicts, and we found there are lots of dependent
> patches, we do not apply all these patches since some are not meant to fix
> the cve, so we just get part of them, and for each patch we just get the part
> which is helpful to fix.
Why do you think that specific CVE is relevent to the 5.10.y kernel?
And if so, what about the ones newer than that, as you know I can not
take patches only for older kernels, that would leave newer branches
vulnerable to the same bug.
So please submit fixes for all branches that you wish to see resolved at
the same time.
thanks,
greg k-h
