PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-46804 Linux CVE debrief

CVE-2024-46804 is a vulnerability in the Linux kernel's AMD display driver (drm/amd/display) related to an array index check for HDCP DDC access. The vulnerability description indicates a missing bounds check that could lead to improper memory access during HDCP (High-bandwidth Digital Content Protection) DDC (Display Data Channel) operations. The CVE was published on August 12, 2025, and last modified on February 25, 2026. According to the source advisory, this CVE is marked as 'Misinformed' in the threat assessment, indicating it may have been incorrectly attributed or does not actually affect the listed Siemens products. The advisory revision history shows this CVE was retained while other rejected CVEs were removed in the February 24, 2026 update. Siemens ProductCERT SSA-355557 is the authoritative source for affected product determination. No CVSS score or severity is available in the source data.

Vendor
Linux
Product
RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2025-08-12
Original CVE updated
2026-02-25
Advisory published
2025-08-12
Advisory updated
2026-02-25

Who should care

Organizations running Siemens industrial networking products with embedded Linux systems using AMD graphics, particularly those implementing HDCP content protection. Security teams should verify actual affected status through Siemens ProductCERT rather than relying solely on initial CVE associations.

Technical summary

The vulnerability exists in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically in the AMD display driver (drm/amd/display). The issue involves a missing array index check during HDCP DDC access operations. HDCP is used for protecting digital audio and video content, while DDC is the communication channel between a computer and display device. Without proper bounds checking, an out-of-bounds array access could occur during these operations. This is a third-party component vulnerability affecting the Linux kernel rather than Siemens proprietary software. The 'Misinformed' threat classification in the source advisory suggests the CVE may have been incorrectly associated with certain Siemens products or requires further validation.
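As an added illustration of the defect class named above (a constructed C example, not the kernel's drm/amd/display code and not taken from the advisory), the snippet below shows a descriptor-table lookup driven by an index that can be influenced from the display side. It contrasts the unchecked lookup with a checked one, and also shows the two variants a reviewer looks for when auditing such checks: an off-by-one comparison (`<=` instead of `<`) and an index held in a signed type that is never tested for negative values. All identifiers, offsets and lengths are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example: a small table of DDC message descriptors selected by
 * an id that ultimately originates from the display side (untrusted input).
 * Nothing here mirrors the real driver's data structures. */
struct ddc_msg_desc {
    uint8_t offset;   /* hypothetical register offset on the DDC bus */
    uint8_t length;   /* hypothetical payload length in bytes */
};

#define DDC_MSG_COUNT 4

static const struct ddc_msg_desc ddc_msgs[DDC_MSG_COUNT] = {
    { 0x00, 5 },
    { 0x08, 8 },
    { 0x10, 2 },
    { 0x20, 1 },
};

/* Vulnerable pattern: the index is used as-is, so any id >= DDC_MSG_COUNT
 * reads past the end of the table (out-of-bounds access). */
static const struct ddc_msg_desc *lookup_unchecked(unsigned int id)
{
    return &ddc_msgs[id];
}

/* Hardened pattern: reject ids outside the table before indexing and let
 * the caller handle the failure instead of touching memory. */
static const struct ddc_msg_desc *lookup_checked(unsigned int id)
{
    if (id >= DDC_MSG_COUNT)
        return NULL;
    return &ddc_msgs[id];
}

/* Caller that propagates the failure as an error code (-1). */
static int ddc_msg_length(unsigned int id)
{
    const struct ddc_msg_desc *d = lookup_checked(id);
    if (!d)
        return -1;
    return d->length;
}

/* Review pitfall 1: '<=' admits id == DDC_MSG_COUNT, one past the end. */
static bool index_in_range_off_by_one(int id)
{
    return id <= DDC_MSG_COUNT;
}

/* Review pitfall 2: a signed index must also be tested for negative values;
 * this is the correct form of the check for a signed type. */
static bool index_in_range(int id)
{
    return id >= 0 && id < DDC_MSG_COUNT;
}

int main(void)
{
    /* In-range id: both lookups agree. */
    printf("msg 2 length (checked): %d\n", ddc_msg_length(2));
    /* Out-of-range ids: the checked path reports an error instead of reading
     * past the table. The unchecked path is deliberately not called here. */
    printf("msg %u length (checked): %d\n", (unsigned)DDC_MSG_COUNT,
           ddc_msg_length(DDC_MSG_COUNT));
    printf("off-by-one check accepts %d: %s\n", DDC_MSG_COUNT,
           index_in_range_off_by_one(DDC_MSG_COUNT) ? "yes (bug)" : "no");
    printf("correct check accepts -1: %s\n",
           index_in_range(-1) ? "yes (bug)" : "no");
    return 0;
}
```

The point for a reviewer is that the check belongs at the boundary where the untrusted value first becomes an index, and that it must cover both ends of the range for the index's actual type: an unsigned index only needs the upper bound, a signed one needs both.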

Defensive priority

low

Recommended defensive actions

  • Verify with Siemens ProductCERT SSA-355557 for current affected product status
  • Review Linux kernel security updates for drm/amd/display fixes
  • Apply standard defense-in-depth practices for ICS networks per CISA guidance
  • Monitor CISA ICS advisories for updates to ICSA-25-226-07

Evidence notes

The source advisory ICSA-25-226-07 from CISA, based on Siemens ProductCERT SSA-355557, explicitly marks this CVE with threat category 'impact' and details 'Misinformed' for products CSAFPID-0006, CSAFPID-0002, and CSAFPID-0003. The revision history indicates this CVE was not among those removed as rejected in the February 24, 2026 update, suggesting it remains under evaluation. The vulnerability originates in the Linux kernel AMD display driver, not Siemens proprietary code.

Official resources

2025-08-12