PatchSiren cyber security CVE debrief
CVE-2024-47704 Cert Portal CVE debrief
CVE-2024-47704 is a medium-severity availability issue in the Linux kernel's drm/amd/display path. The source advisory says dp_enable_link_phy and dp_disable_link_phy can pass link_res without initializing hpo_dp_link_enc, so a null-pointer check is needed before dereference. The published CVSS is 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H), which fits a local, availability-only defect. The advisory data also maps the issue to Siemens SIMATIC CN 4100 versions before 5.0, but that product mapping is low-confidence because the vulnerability description itself is kernel-focused; confirm exposure against the vendor advisory before prioritizing remediation.
- Vendor: Cert Portal
- Product: Siemens SIMATIC CN 4100 vers:intdot/<5.0
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-12
- Original CVE updated: 2026-05-14
- Advisory published: 2026-05-12
- Advisory updated: 2026-05-14
Who should care
Asset owners and operators who believe they have Siemens SIMATIC CN 4100 devices running versions before 5.0, plus Linux kernel and embedded-platform maintainers who track the referenced drm/amd/display fix in downstream builds.
Technical summary
The advisory describes a null-pointer dereference risk in Linux kernel display-driver code. In certain paths, dp_enable_link_phy and dp_disable_link_phy can receive link_res without hpo_dp_link_enc initialized, so dereferencing link_res->hpo_dp_link_enc without a null check can trigger a crash. The source cites this as two Coverity FORWARD_NULL findings and assigns CVE-2024-47704 with CVSS 5.5. The remediation field recommends updating to V5.0 or later for the Siemens product entry associated with the advisory.
Defensive priority
Medium overall, because the impact is availability loss rather than code execution; higher if you have confirmed exposure in a production industrial environment, where service disruption can still be operationally significant.
Recommended defensive actions
- Verify whether any deployed assets actually match the Siemens advisory product/version scope before treating them as affected.
- If affected, update to V5.0 or later as recommended in the advisory.
- Review downstream Linux kernel or vendor BSP builds to ensure the null check for hpo_dp_link_enc is present.
- Monitor the Siemens and CISA advisory pages for any revision history or clarification.
- Plan for availability impact by ensuring failover, recovery, and maintenance windows are documented for the affected systems.
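For the downstream-build review item above, a heuristic source check can shortlist functions to inspect by hand. This is an added example, not code from the advisory, Siemens or the kernel project; the sample C text and the demo_* names in it are constructed, and only the hpo_dp_link_enc field name comes from the advisory.

```python
import re

FIELD = "hpo_dp_link_enc"
DEREF = re.compile(r"(\w+)\s*->\s*" + FIELD + r"\s*->")   # X->hpo_dp_link_enc->...
COMMENT = re.compile(r"/\*.*?\*/|//[^\n]*", re.S)
SIGNATURE = re.compile(r"(\w+)\s*\([^(){};]*\)\s*$")       # name(args) before "{"

# Constructed sample, not kernel source: the demo_* names are hypothetical.
SAMPLE = """
struct link_resource { struct demo_enc *hpo_dp_link_enc; };
static void demo_enable_unpatched(const struct link_resource *link_res)
{
    link_res->hpo_dp_link_enc->funcs->enable(link_res->hpo_dp_link_enc);
}
static void demo_enable_patched(const struct link_resource *link_res)
{
    if (!link_res->hpo_dp_link_enc)
        return;
    link_res->hpo_dp_link_enc->funcs->enable(link_res->hpo_dp_link_enc);
}
"""

def function_bodies(source):
    """Yield (name, body) for top-level brace blocks preceded by a signature."""
    text = COMMENT.sub(" ", source)
    depth = start = last_end = 0
    for i, ch in enumerate(text):
        if ch == "{":
            if depth == 0:
                start = i
            depth += 1
        elif ch == "}" and depth > 0:
            depth -= 1
            if depth == 0:
                sig = SIGNATURE.search(text[last_end:start])
                if sig:
                    yield sig.group(1), text[start:i + 1]
                last_end = i + 1

def unguarded_derefs(source):
    """Names of functions that dereference the field with no earlier if-test."""
    flagged = set()
    for name, body in function_bodies(source):
        for m in DEREF.finditer(body):
            guard = re.compile(r"if\s*\([^;{]*\b" + re.escape(m.group(1))
                               + r"\s*->\s*" + FIELD + r"\b(?!\s*->)")
            if not guard.search(body, 0, m.start()):
                flagged.add(name)
    return sorted(flagged)

if __name__ == "__main__":
    print(unguarded_derefs(SAMPLE))
```

A flagged function is a candidate for manual review, not proof of exposure: the check uses brace counting and regular expressions only, and an earlier if-test in the same function does not prove it covers every path to the dereference.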
Evidence notes
The source CSAF advisory states: 'Functions dp_enable_link_phy and dp_disable_link_phy can pass link_res without initializing hpo_dp_link_enc and it is necessary to check for null before dereferencing.' It also records the product as 'Siemens SIMATIC CN 4100 vers:intdot/<5.0' and lists remediation 'Update to V5.0 or later version.' However, the core description is a Linux kernel drm/amd/display issue, so the vendor/product association should be treated as needing review. Published and modified dates used here come from the supplied CVE/source timeline: published 2026-05-12 and modified 2026-05-14.
Official resources
- CVE-2024-47704 CVE record (CVE.org)
- CVE-2024-47704 NVD detail (NVD)
- Source item URL (cisa_csaf)
CISA published the source CSAF advisory on 2026-05-12 and republished it on 2026-05-14 with Siemens ProductCERT advisory SSA-032379 referenced in the revision history. Use the supplied CVE published date, not the report-generation date, for