PatchSiren cyber security CVE debrief
CVE-2024-26645 Siemens CVE debrief
A race condition vulnerability in the Linux kernel's tracing subsystem, specifically within the tracing_map implementation, has been identified and resolved. The issue involves insufficient memory visibility guarantees when inserting elements into tracing_map structures, which could lead to inconsistent or corrupted tracing data under concurrent access conditions. The vulnerability affects Siemens industrial networking products that incorporate the vulnerable Linux kernel components, including the RUGGEDCOM RST2428P and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices. The fix ensures proper memory visibility through appropriate synchronization mechanisms during element insertion operations. This vulnerability is classified as CWE-362 (Concurrent Execution using Shared Resource with Improper Synchronization).
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment, particularly in critical infrastructure and manufacturing environments, should prioritize assessment. Security teams managing OT/ICS networks, system integrators deploying RUGGEDCOM and SCALANCE devices, and compliance officers responsible for industrial cybersecurity frameworks should monitor vendor advisories for patch availability.
Technical summary
The vulnerability exists in the Linux kernel's tracing subsystem, specifically in the tracing_map implementation used for histogram and aggregation functionality in kernel tracing. The issue stems from inadequate memory visibility guarantees when multiple execution contexts concurrently insert elements into tracing_map data structures. Without proper synchronization or memory barriers, CPU reordering and caching effects could result in partially visible or inconsistent state, potentially causing tracing data corruption or unexpected behavior in kernel tracing operations. The resolution ensures visibility through appropriate synchronization primitives during element insertion.
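The insertion pattern described above, as an added user-space illustration (not kernel code and not taken from the Siemens or CISA advisories): a slot is claimed by compare-and-swap on its key, the element is filled in, and only then is its pointer published. C11 release/acquire ordering stands in for the kernel's own primitives, and every name and size here is constructed for the example.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
enum { SLOTS = 64, NKEYS = 48 };   /* constructed sizes; key 0 means "empty slot" */
struct elt  { uint32_t key; uint64_t payload; };
struct slot { _Atomic uint32_t key; struct elt *_Atomic val; };
static struct slot table[SLOTS];
static struct elt pool[SLOTS];
static atomic_uint pool_next;
/* Claim a slot by CAS on its key, fill the element, then publish the pointer. */
static struct elt *map_insert(uint32_t key, uint64_t payload) {
    for (uint32_t i = 0; i < SLOTS; i++) {
        struct slot *s = &table[(key + i) % SLOTS];
        uint32_t empty = 0;
        if (!atomic_compare_exchange_strong(&s->key, &empty, key)) continue;
        struct elt *e = &pool[atomic_fetch_add(&pool_next, 1)];
        e->key = key; e->payload = payload;
        /* Release: the stores above become visible before the pointer does.
           A plain or relaxed store here would let a reader see stale fields. */
        atomic_store_explicit(&s->val, e, memory_order_release);
        return e;
    }
    return NULL;
}
/* NULL means absent, or claimed but not yet published (insert in progress). */
static struct elt *map_lookup(uint32_t key) {
    for (uint32_t i = 0; i < SLOTS; i++) {
        struct slot *s = &table[(key + i) % SLOTS];
        uint32_t k = atomic_load(&s->key);
        if (k == 0) return NULL;
        /* Acquire pairs with the release store in map_insert(). */
        if (k == key) return atomic_load_explicit(&s->val, memory_order_acquire);
    }
    return NULL;
}
static void *reader(void *arg) {   /* counts elements seen half-initialised */
    for (uint32_t k = 1; k <= NKEYS; k++) {
        struct elt *e;
        while (!(e = map_lookup(k))) { }   /* wait until the element is published */
        if (e->key != k || e->payload != k * 1000ull) ++*(long *)arg;
    }
    return NULL;
}
long run_demo(void) {              /* one reader thread races the inserting thread */
    pthread_t r; long torn = 0;
    pthread_create(&r, NULL, reader, &torn);
    for (uint32_t k = 1; k <= NKEYS; k++) map_insert(k, k * 1000ull);
    pthread_join(r, NULL);
    return torn;
}
int main(void) { printf("torn reads: %ld\n", run_demo()); return 0; }
```

With the release/acquire pair in place the reader can never observe a published pointer whose fields are not yet written, so `run_demo()` returns 0.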
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for detailed product-specific patch information and deployment guidance
- Apply vendor-provided firmware updates for affected RUGGEDCOM RST2428P and SCALANCE product families as they become available
- Monitor CISA ICS advisory ICSA-25-226-15 for updates to affected product listings and remediation timelines
- Implement network segmentation for industrial control systems to limit exposure of affected devices
- Follow CISA ICS recommended practices for defense-in-depth strategies for industrial control systems
Evidence notes
The vulnerability description indicates a resolved Linux kernel tracing subsystem issue involving memory visibility during tracing_map element insertion. The source advisory (ICSA-25-226-15) from CISA, republished based on Siemens ProductCERT SSA-613116, identifies affected Siemens industrial networking products. The threat assessment categorizes impact as 'Misinformed' for the listed product IDs. The advisory has undergone multiple revisions, with the most recent update on 2026-02-25 correcting the affected products list and removing rejected CVEs. No CVSS score is provided in the source material.
Official resources
- CVE-2024-26645 CVE record (CVE.org)
- CVE-2024-26645 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12