Hi Greg, Thanks for your check and comments. Sorry that I mistakenly changed the files of .dyad and .json. I'll pay attention next time. The original fix 66951d98d9bf ("drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'") or fb5a3d037082 for CVE-2024-26661 didn't fix the CVE (or even made it worse) because the key change is to check if “tg” is NULL before referencing it, but the fix does NOT do that correctly: + if (!abm && !tg && !panel_cntl) + return; Here "&&" should have been "||". The follow-up commit 17ba9cde11c2 fixes this by: - if (!abm && !tg && !panel_cntl) + if (!abm || !tg || !panel_cntl) return; So we consider that 66951d98d9bf is not a complete fix. It actually made things worse. 66951d98d9bf and 17ba9cde11c2 together fix CVE-2024-26661. The same problem happened to CVE-2024-26662. If you agree with the above analysis, should I append 17ba9cde11c2bfebbd70867b0a2ac4a22e573379 to CVE-2024-26661.sha1 ?
Thanks!
Qingfeng
-----Original Message----- From: Greg KH gregkh@linuxfoundation.org Sent: 2025年8月1日 15:41 To: Hao, Qingfeng Qingfeng.Hao@windriver.com Cc: cve@kernel.org; stable@vger.kernel.org; He, Zhe Zhe.He@windriver.com Subject: Re: [PATCH vulns 0/1] change the sha1 for CVE-2024-26661
CAUTION: This email comes from a non Wind River email account! Do not click links or open attachments unless you recognize the sender and know the content is safe.
On Fri, Aug 01, 2025 at 12:06:34PM +0800, Qingfeng Hao wrote:
There is a fix 17ba9cde11c2bfebbd70867b0a2ac4a22e573379 introduced in v6.8 to fix the problem introduced by the original fix 66951d98d9bf45ba25acf37fe0747253fafdf298, and they together fix the CVE-2024-26661.
Those are two different things, shouldn't they get different CVE ids?
Since this is the first time I submit the changes on vulns project, not sure if the changes in my patch are exact, @Greg, please point out the problems if there are and I will fix them.
There's never a need to modify the .dyad or .json files (hint, you also did not touch the .mbox file.) they are all auto-generated from the .sha1 file.
But again, I don't think this is correct, either this specific CVE is not a CVE (i.e. it doesn't actually fix an issue), or we need to assign another one, right?
thanks,
greg k-h