🤖 AI Summary
Backporting security patches to older open-source software versions remains largely manual, while existing automated approaches rely on rigid, syntactic rules that fail to handle complex, context-sensitive patch transformations.
Method: This paper proposes an intelligent agent framework powered by large language models (LLMs), integrating on-demand code retrieval, Git history summarization, and compilation-feedback-driven autonomous correction to emulate human reasoning and validation in end-to-end patch backporting.
Contribution/Results: The framework achieves superior semantic understanding and contextual adaptability compared to rule-based methods. It attains a success rate of 89.15% on 1,815 existing test cases and 62.33% on 146 challenging cases, significantly outperforming state-of-the-art tools on both. Moreover, nine generated patches have been accepted and merged into the Linux kernel mainline, demonstrating both technical efficacy and practical utility.
📝 Abstract
Patch backporting, the process of migrating mainline security patches to older branches, is an essential task in maintaining popular open-source projects (e.g., Linux kernel). However, manual backporting can be labor-intensive, while existing automated methods, which heavily rely on predefined syntax or semantic rules, often lack agility for complex patches.
In this paper, we introduce PORTGPT, an LLM agent for end-to-end automation of patch backporting in real-world scenarios. PORTGPT enhances an LLM with tools to access code on demand, summarize Git history, and revise patches autonomously based on feedback (e.g., from compilers), thereby simulating human-like reasoning and verification. PORTGPT achieved an 89.15% success rate on existing datasets (1,815 cases) and 62.33% on our own dataset of 146 complex cases, outperforming state-of-the-art backporting tools on both. We contributed 9 backported patches from PORTGPT to the Linux kernel community, and all patches are now merged.