Re: [PATCH RFC 6.6.y 00/15] Some missing CVE fixes

On Wed, Oct 02, 2024 at 09:26:46AM -0600, Jens Axboe wrote:
> On 10/2/24 9:05 AM, Vegard Nossum wrote:
> > Christophe JAILLET (1):
> >   null_blk: Remove usage of the deprecated ida_simple_xx() API

It makes cherry-picking the next commit slightly easier.  There is still some
conflict resolution necessary so it doesn't help very much.  Could we annotate
these with a Stable-dep-of: tag?  Otherwise we get a lot of questions like this.

Also when we backport patches from 6.6.y to 6.1.y then we can drop any
unnecessary Stable-dep-of patches.

> > 
> > Yu Kuai (1):
> >   null_blk: fix null-ptr-dereference while configuring 'power' and
> >     'submit_queues'
> 
> I don't see how either of these are CVEs? Obviously not a problem to
> backport either of them to stable, but I wonder what the reasoning for
> that is. IOW, feels like those CVEs are bogus, which I guess is hardly
> surprising :-)

The definition of CVE includes NULL dereferences so that's automatic.

regards,
dan carpenter



