On Thu, Jan 16, 2020 at 07:29:54AM +0100, Greg KH wrote:
> On Wed, Jan 15, 2020 at 07:55:02PM -0800, Zubin Mithra wrote:
> > Hello,
> >
> > The patch :
> > a66477b0efe5 ("drm/ttm: fix out-of-bounds read in ttm_put_pages() v2")
> >
> > has been applied to linux-4.19.y. However, 2 follow-up fixes have not been applied.
>
> How did you figure out that they were "follow-up" fixes?
CVE-2019-19927 references commits a66477b0efe5, ac1e516d5a4c and
453393369dc9.
The patch author(Christian König) confirmed that if the patches were being backported,
then all three of them need to be.
Thanks,
- Zubin
>
> >
> > Could the following two fixes be applied to linux-4.19.y? These commits are present
> > in linux-5.4.y. These patches do not have to be applied to linux-4.14.y.
> >
> > ac1e516d5a4c ("drm/ttm: fix start page for huge page check in ttm_put_pages()")
> > 453393369dc9 ("drm/ttm: fix incrementing the page pointer for huge pages")
>
> Both now queued up, thanks for letting me know.
>
> greg k-h
