From: Qingfeng Hao <qingfeng.hao@windriver.com>
To: cve@kernel.org, gregkh@linuxfoundation.org
Cc: stable@vger.kernel.org, qingfeng.hao@windriver.com, zhe.he@windriver.com
Subject: [PATCH vulns 1/1] CVE-2024-26661: change the sha1 of the cve id
Date: Fri, 1 Aug 2025 12:06:35 +0800 [thread overview]
Message-ID: <20250801040635.4190980-2-qingfeng.hao@windriver.com> (raw)
In-Reply-To: <20250801040635.4190980-1-qingfeng.hao@windriver.com>
There is a fix 17ba9cde11c2bfebbd70867b0a2ac4a22e573379
introduced in v6.8 to fix the problem introduced by
the original fix 66951d98d9bf45ba25acf37fe0747253fafdf298,
and they together fix the CVE-2024-26661.
Hence, update the cve files accordingly.
Signed-off-by: Qingfeng Hao <qingfeng.hao@windriver.com>
Signed-off-by: He Zhe <zhe.he@windriver.com>
---
cve/published/2024/CVE-2024-26661.dyad | 6 ++--
cve/published/2024/CVE-2024-26661.json | 46 ++------------------------
cve/published/2024/CVE-2024-26661.sha1 | 2 +-
3 files changed, 5 insertions(+), 49 deletions(-)
diff --git a/cve/published/2024/CVE-2024-26661.dyad b/cve/published/2024/CVE-2024-26661.dyad
index 120c36d66..fc4c2091d 100644
--- a/cve/published/2024/CVE-2024-26661.dyad
+++ b/cve/published/2024/CVE-2024-26661.dyad
@@ -1,5 +1,3 @@
# dyad version: 86b352798e93
-# getting vulnerable:fixed pairs for git id 66951d98d9bf45ba25acf37fe0747253fafdf298
-5.9:474ac4a875ca6fea3fc5183d3ad22ef7523dca53:6.6.17:3f3c237a706580326d3b7a1b97697e5031ca4667
-5.9:474ac4a875ca6fea3fc5183d3ad22ef7523dca53:6.7.5:39f24c08363af1cd945abad84e3c87fd3e3c845a
-5.9:474ac4a875ca6fea3fc5183d3ad22ef7523dca53:6.8:66951d98d9bf45ba25acf37fe0747253fafdf298
+# getting vulnerable:fixed pairs for git id 17ba9cde11c2bfebbd70867b0a2ac4a22e573379
+5.9:474ac4a875ca6fea3fc5183d3ad22ef7523dca53:6.8:17ba9cde11c2bfebbd70867b0a2ac4a22e573379
diff --git a/cve/published/2024/CVE-2024-26661.json b/cve/published/2024/CVE-2024-26661.json
index 91d11967b..7c7b2a818 100644
--- a/cve/published/2024/CVE-2024-26661.json
+++ b/cve/published/2024/CVE-2024-26661.json
@@ -22,19 +22,7 @@
"versions": [
{
"version": "474ac4a875ca6fea3fc5183d3ad22ef7523dca53",
- "lessThan": "3f3c237a706580326d3b7a1b97697e5031ca4667",
- "status": "affected",
- "versionType": "git"
- },
- {
- "version": "474ac4a875ca6fea3fc5183d3ad22ef7523dca53",
- "lessThan": "39f24c08363af1cd945abad84e3c87fd3e3c845a",
- "status": "affected",
- "versionType": "git"
- },
- {
- "version": "474ac4a875ca6fea3fc5183d3ad22ef7523dca53",
- "lessThan": "66951d98d9bf45ba25acf37fe0747253fafdf298",
+ "lessThan": "17ba9cde11c2bfebbd70867b0a2ac4a22e573379",
"status": "affected",
"versionType": "git"
}
@@ -59,18 +47,6 @@
"status": "unaffected",
"versionType": "semver"
},
- {
- "version": "6.6.17",
- "lessThanOrEqual": "6.6.*",
- "status": "unaffected",
- "versionType": "semver"
- },
- {
- "version": "6.7.5",
- "lessThanOrEqual": "6.7.*",
- "status": "unaffected",
- "versionType": "semver"
- },
{
"version": "6.8",
"lessThanOrEqual": "*",
@@ -87,18 +63,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
- {
- "vulnerable": true,
- "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
- "versionStartIncluding": "5.9",
- "versionEndExcluding": "6.6.17"
- },
- {
- "vulnerable": true,
- "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
- "versionStartIncluding": "5.9",
- "versionEndExcluding": "6.7.5"
- },
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
@@ -112,13 +76,7 @@
],
"references": [
{
- "url": "https://git.kernel.org/stable/c/3f3c237a706580326d3b7a1b97697e5031ca4667"
- },
- {
- "url": "https://git.kernel.org/stable/c/39f24c08363af1cd945abad84e3c87fd3e3c845a"
- },
- {
- "url": "https://git.kernel.org/stable/c/66951d98d9bf45ba25acf37fe0747253fafdf298"
+ "url": "https://git.kernel.org/stable/c/17ba9cde11c2bfebbd70867b0a2ac4a22e573379"
}
],
"title": "drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'",
diff --git a/cve/published/2024/CVE-2024-26661.sha1 b/cve/published/2024/CVE-2024-26661.sha1
index 2e7b06c75..b6301aa3c 100644
--- a/cve/published/2024/CVE-2024-26661.sha1
+++ b/cve/published/2024/CVE-2024-26661.sha1
@@ -1 +1 @@
-66951d98d9bf45ba25acf37fe0747253fafdf298
+17ba9cde11c2bfebbd70867b0a2ac4a22e573379
--
2.34.1
next prev parent reply other threads:[~2025-08-01 4:07 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-01 4:06 [PATCH vulns 0/1] change the sha1 for CVE-2024-26661 Qingfeng Hao
2025-08-01 4:06 ` Qingfeng Hao [this message]
2025-08-01 7:41 ` Greg KH
2025-08-01 12:04 ` Hao, Qingfeng
2025-08-02 8:19 ` Greg KH
2025-08-04 7:47 ` Qingfeng Hao
2025-08-11 15:31 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250801040635.4190980-2-qingfeng.hao@windriver.com \
--to=qingfeng.hao@windriver.com \
--cc=cve@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=stable@vger.kernel.org \
--cc=zhe.he@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox