PatchSiren cyber security CVE debrief
CVE-2024-42097 Linux CVE debrief
A missed validation vulnerability in the Linux Kernel's MIDI sequencer and router support functionality could allow a local user to crash the system.
- Vendor: Linux
- Product: SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
- CVSS: MEDIUM 4.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-09
- Original CVE updated: 2026-05-14
- Advisory published: 2024-04-09
- Advisory updated: 2026-05-14
Who should care
Organizations operating Siemens SIMATIC S7-1500 TM MFP systems with the GNU/Linux subsystem enabled should prioritize this advisory. System administrators responsible for industrial control system security, OT security teams, and personnel with access to the interactive shell of affected devices should be aware of this vulnerability. Given the local attack vector requirement, insider threat programs and access control governance teams should also take note. The vulnerability is particularly relevant for environments where multiple users may have shell access to the GNU/Linux subsystem or where application integrity cannot be fully verified. Organizations in critical infrastructure sectors using this product family should review their defense-in-depth strategies while awaiting a vendor fix. The advisory has been actively maintained by CISA with multiple updates through September 2025, indicating ongoing attention to this product's security posture.
Technical summary
CVE-2024-42097 is a missed validation vulnerability in the Linux Kernel's MIDI sequencer and router support functionality. The vulnerability allows a local user to crash the system. The CVSS 3.1 vector is AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating a local attack vector with high attack complexity, low privileges required, and high availability impact. The vulnerability affects the GNU/Linux subsystem of the Siemens SIMATIC S7-1500 TM MFP industrial control system product.
Defensive priority
medium
Recommended defensive actions
- Limit access to the interactive shell of the additional GNU/Linux subsystem to trusted personnel only.
- Only build and run applications from trusted sources.
- Monitor for future security updates from Siemens for the SIMATIC S7-1500 TM MFP GNU/Linux subsystem.
Evidence notes
The vulnerability was disclosed in CISA ICS Advisory ICSA-24-102-01 on 2024-04-09. The advisory was subsequently updated multiple times through 2025-09-09 to add additional CVEs affecting the same product family. Siemens has confirmed that currently no fix is available for this vulnerability in the affected product.
Official resources
- CVE-2024-42097 CVE record (CVE.org)
- CVE-2024-42097 NVD detail (NVD)
- Source item URL (cisa_csaf)