PatchSiren

CVE-2024-56589 Linux CVE debrief

CVE-2024-56589 is a vulnerability in the Linux kernel's hisi_sas SCSI driver: a missing cond_resched() call on kernels built with the no forced preemption model could cause call traces when an expander is connected to 12 high-performance SAS SSDs. The CISA advisory marks this as 'Misinformed' impact for Siemens products, indicating that the vulnerability does not actually affect the listed Siemens industrial networking products (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family). The CVE was published on 2025-08-12 and last modified on 2026-02-25.

Vendor: Linux
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations running Linux systems that combine HiSilicon SAS controllers, no forced preemption kernel configurations and high-density SAS SSD deployments; and Siemens industrial networking product users seeking clarification on advisory applicability.

Technical summary

The vulnerability exists in the Linux kernel's hisi_sas SCSI driver, which lacks a cond_resched() call for no forced preemption model kernels. This can result in call traces when an expander is connected to 12 high-performance SAS SSDs. However, CISA's advisory marks this as 'Misinformed' impact for the Siemens products listed (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family), indicating these products are not actually affected by this kernel-level issue. The advisory was last updated on 2026-02-25 based on Siemens ProductCERT guidance.

Defensive priority

low

Recommended defensive actions

  • Verify that systems do not use the hisi_sas SCSI driver with no forced preemption kernel configurations and high-density SAS SSD expander setups
  • Review vendor security advisories for affected Linux kernel versions if running systems with HiSilicon SAS controllers
  • Apply standard kernel update practices for Linux systems using affected hardware configurations
  • For Siemens industrial networking products listed in this advisory, no action is required as the vulnerability is marked with misinformed impact
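One way to carry out the first check in the list above, as an added example that is not part of the advisory or of any vendor tooling. It assumes the mainline kernel names (modules prefixed `hisi_sas_`, Kconfig symbols `CONFIG_SCSI_HISI_SAS`, `CONFIG_SCSI_HISI_SAS_PCI`, `CONFIG_PREEMPT_NONE`, `CONFIG_PREEMPT_DYNAMIC`); the function names and verdict strings are hypothetical, and the script does not inspect the expander or the number of attached SSDs.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a Linux host against the
# configuration named in the description. File paths are passed in so the
# check also works on artifacts collected from another machine.

# True if hisi_sas is built in (=y) or currently loaded as a module.
# $1 = kernel config file, $2 = module list in /proc/modules format
hisi_sas_present() {
    grep -Eq '^CONFIG_SCSI_HISI_SAS(_PCI)?=y' "$1" && return 0
    grep -Eq '^hisi_sas_' "$2"
}

# Print the preemption model the kernel was built with.
# CONFIG_PREEMPT_NONE is the Kconfig choice labelled "No Forced Preemption".
preempt_model() {
    if grep -q '^CONFIG_PREEMPT_DYNAMIC=y' "$1"; then echo dynamic
    elif grep -q '^CONFIG_PREEMPT_NONE=y' "$1"; then echo none
    else echo other
    fi
}

# Print one verdict word (hypothetical labels) for the host described by the files.
classify_host() {
    if ! hisi_sas_present "$1" "$2"; then echo "not-applicable"; return; fi
    case "$(preempt_model "$1")" in
        none)    echo "matches-description" ;;
        dynamic) echo "check-boot-preempt-setting" ;;
        *)       echo "driver-present-other-preempt-model" ;;
    esac
}

# Live use: sh check.sh --live (needs a readable kernel config).
if [ "${1:-}" = "--live" ]; then
    cfg=$(mktemp)
    if [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)" > "$cfg"
    elif [ -r /proc/config.gz ]; then
        zcat /proc/config.gz > "$cfg"
    else
        echo "kernel config not readable" >&2; rm -f "$cfg"; exit 2
    fi
    classify_host "$cfg" /proc/modules
    rm -f "$cfg"
fi
```

A `check-boot-preempt-setting` verdict means the kernel selects its preemption model at boot, so the running model has to be confirmed from the boot parameters rather than from the build config alone.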

Evidence notes

The CISA CSAF advisory ICSA-25-226-07 explicitly categorizes the impact as 'Misinformed' for all listed Siemens product IDs (CSAFPID-0006, CSAFPID-0002, CSAFPID-0003). The vulnerability description covers a Linux kernel driver issue (hisi_sas SCSI driver) that is not applicable to the Siemens industrial networking products listed. The advisory was republished on 2026-02-25 based on the Siemens ProductCERT advisory SSA-355557.
