PatchSiren cyber security CVE debrief
CVE-2024-26696 Siemens CVE debrief
A vulnerability in the Linux kernel's nilfs2 filesystem could cause a hang condition in the nilfs_lookup_dirty_data_buffers() function. This issue has been resolved in the upstream Linux kernel. Siemens has identified this CVE as affecting certain industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE X family switches. The vulnerability was initially published on August 12, 2025, with subsequent advisory updates through February 25, 2026, including corrections to affected product lists and removal of rejected CVEs. No CVSS score or severity rating is currently available from official sources. This vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family switches in industrial control environments. System administrators responsible for OT/ICS network infrastructure using SINEC OS. Security teams monitoring Linux kernel vulnerabilities in embedded industrial systems.
Technical summary
The nilfs2 filesystem in the Linux kernel contained a vulnerability in nilfs_lookup_dirty_data_buffers() that could result in a system hang. This is a local denial-of-service condition affecting systems using the nilfs2 log-structured filesystem. The vulnerability has been resolved in upstream Linux kernel development. Siemens has incorporated this fix into SINEC OS for affected industrial networking products. The nilfs2 filesystem is a log-structured file system designed for flash storage devices; the hang condition in buffer lookup could impact system availability on affected devices.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for affected product versions and patch availability
- Apply kernel updates provided by Siemens for affected SINEC OS-based products
- Monitor CISA ICS advisories for additional guidance on industrial control system protections
- Implement network segmentation for industrial control systems per CISA recommended practices
- Verify nilfs2 filesystem is not in use on affected systems if patching is not immediately available
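One way to carry out the nilfs2 check in the last action on a Linux system where a shell is available, as an added example (not code from Siemens or from this debrief). The function names and status labels are assumptions of this example; the `/proc` file layouts it reads are the standard kernel ones.

```shell
#!/bin/sh
# Added example: classify nilfs2 exposure from /proc data.
# Every function takes an optional file argument so a saved copy of the
# /proc file (for example from a support bundle) can be checked offline.

# Print mount points whose filesystem type (field 3) is nilfs2.
nilfs2_mounts() {
    awk '$3 == "nilfs2" { print $2 }' "${1:-/proc/mounts}"
}

# Succeed if nilfs2 is listed as a loaded module (/proc/modules format).
nilfs2_module_loaded() {
    awk '$1 == "nilfs2" { found = 1 } END { exit !found }' "${1:-/proc/modules}"
}

# Succeed if the running kernel has nilfs2 registered (/proc/filesystems
# format: optional "nodev" column, filesystem name last).
nilfs2_registered() {
    awk '$NF == "nilfs2" { found = 1 } END { exit !found }' "${1:-/proc/filesystems}"
}

# Print one of:
#   in-use            a nilfs2 volume is mounted; the hang path is reachable
#   loaded-unmounted  module loaded but nothing mounted
#   builtin-unmounted registered without a module entry, so compiled in
#   absent            not registered now (a module on disk could still be
#                     loaded on demand; this function does not check that)
nilfs2_status() {
    if [ -n "$(nilfs2_mounts "${1:-/proc/mounts}")" ]; then
        echo in-use
    elif nilfs2_module_loaded "${2:-/proc/modules}"; then
        echo loaded-unmounted
    elif nilfs2_registered "${3:-/proc/filesystems}"; then
        echo builtin-unmounted
    else
        echo absent
    fi
}

# Run against the live system only when asked to.
if [ "${1:-}" = "--live" ]; then
    nilfs2_status
fi
```

Only `in-use` means a nilfs2 volume is actually mounted; the other states show whether the driver is present in the running kernel at all.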
Evidence notes
CVE description indicates upstream Linux kernel fix for nilfs2 hang condition. Siemens ProductCERT advisory SSA-613116 (via CISA ICSA-25-226-15) identifies affected industrial control products. Advisory revision history shows multiple updates: initial publication 2025-08-12, product list corrections 2026-02-12, removal of rejected CVEs 2026-02-24, and republication based on Siemens advisory 2026-02-25. Threat category marked as 'Misinformed' in source CSAF data for affected product IDs.
Official resources
- CVE-2024-26696 CVE record (CVE.org)
- CVE-2024-26696 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12