diff --git a/patches.kernel.org/6.2.12-020-fbmem-Reject-FB_ACTIVATE_KD_TEXT-from-userspac.patch b/patches.kernel.org/6.2.12-020-fbmem-Reject-FB_ACTIVATE_KD_TEXT-from-userspac.patch
new file mode 100644
index 0000000..79d9fcf
--- /dev/null
+++ b/patches.kernel.org/6.2.12-020-fbmem-Reject-FB_ACTIVATE_KD_TEXT-from-userspac.patch
@@ -0,0 +1,75 @@
+From: Daniel Vetter
+Date: Tue, 4 Apr 2023 21:39:34 +0200
+Subject: [PATCH] fbmem: Reject FB_ACTIVATE_KD_TEXT from userspace
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+References: bsc#1012628
+Patch-mainline: 6.2.12
+Git-commit: 6fd33a3333c7916689b8f051a185defe4dd515b0
+
+commit 6fd33a3333c7916689b8f051a185defe4dd515b0 upstream.
+
+This is an oversight from dc5bdb68b5b3 ("drm/fb-helper: Fix vt
+restore") - I failed to realize that nasty userspace could set this.
+
+It's not pretty to mix up kernel-internal and userspace uapi flags
+like this, but since the entire fb_var_screeninfo structure is uapi
+we'd need to either add a new parameter to the ->fb_set_par callback
+and fb_set_par() function, which has a _lot_ of users. Or some other
+fairly ugly side-channel int fb_info. Neither is a pretty prospect.
+
+Instead just correct the issue at hand by filtering out this
+kernel-internal flag in the ioctl handling code.
+
+Reviewed-by: Javier Martinez Canillas
+Acked-by: Maarten Lankhorst
+Signed-off-by: Daniel Vetter
+Fixes: dc5bdb68b5b3 ("drm/fb-helper: Fix vt restore")
+Cc: Alex Deucher
+Cc: shlomo@fastmail.com
+Cc: Michel Dänzer
+Cc: Noralf Trønnes
+Cc: Thomas Zimmermann
+Cc: Daniel Vetter
+Cc: Maarten Lankhorst
+Cc: Maxime Ripard
+Cc: David Airlie
+Cc: Daniel Vetter
+Cc: dri-devel@lists.freedesktop.org
+Cc: # v5.7+
+Cc: Bartlomiej Zolnierkiewicz
+Cc: Geert Uytterhoeven
+Cc: Nathan Chancellor
+Cc: Qiujun Huang
+Cc: Peter Rosin
+Cc: linux-fbdev@vger.kernel.org
+Cc: Helge Deller
+Cc: Sam Ravnborg
+Cc: Geert Uytterhoeven
+Cc: Samuel Thibault
+Cc: Tetsuo Handa
+Cc: Shigeru Yoshida
+Link: https://patchwork.freedesktop.org/patch/msgid/20230404193934.472457-1-daniel.vetter@ffwll.ch
+Signed-off-by: Greg Kroah-Hartman
+Signed-off-by: Jiri Slaby
+---
+ drivers/video/fbdev/core/fbmem.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
+index ab3545a0..aa2cb36a 100644
+--- a/drivers/video/fbdev/core/fbmem.c
++++ b/drivers/video/fbdev/core/fbmem.c
+@@ -1117,6 +1117,8 @@ static long do_fb_ioctl(struct fb_info *info, unsigned int cmd,
+ case FBIOPUT_VSCREENINFO:
+ if (copy_from_user(&var, argp, sizeof(var)))
+ return -EFAULT;
++ /* only for kernel-internal use */
++ var.activate &= ~FB_ACTIVATE_KD_TEXT;
+ console_lock();
+ lock_fb_info(info);
+ ret = fbcon_modechange_possible(info, &var);
+--
+2.35.3
+
diff --git a/series.conf b/series.conf
index 9d4e7a4..1589643 100644
--- a/series.conf
+++ b/series.conf
@@ -2247,6 +2247,7 @@ patches.kernel.org/6.2.12-017-Bluetooth-hci_conn-Fix-possible-UAF.patch patches.kernel.org/6.2.12-018-btrfs-restore-the-thread_pool-behavior-in-remo.patch patches.kernel.org/6.2.12-019-btrfs-fix-fast-csum-implementation-detection.patch + patches.kernel.org/6.2.12-020-fbmem-Reject-FB_ACTIVATE_KD_TEXT-from-userspac.patch ######################################################## # Build fixes that apply to the vanilla kernel too.
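Review bot: The added comment `/* only for kernel-internal use */` in the FBIOPUT_VSCREENINFO case does not name the flag or say why it is cleared, so a later reader cannot tell that the next line is a trust-boundary filter on a struct just filled by copy_from_user(). I would spell it out, e.g. `/* FB_ACTIVATE_KD_TEXT is kernel-internal; never honour it from a userspace-supplied var */`. The flag is also silently masked rather than refused with an error, which differs from the "Reject" in the subject; that is presumably deliberate to keep existing callers working, but the comment or description should say so. The filter sits only in this one ioctl case and do_fb_ioctl continues outside the hunk, so whether any other path that hands a user-controlled fb_var_screeninfo to the set-var code needs the same mask cannot be confirmed from here.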