PatchSiren cyber security CVE debrief
CVE-2024-26764 Siemens CVE debrief
A vulnerability in the Linux kernel's asynchronous I/O (AIO) subsystem was resolved by restricting the kiocb_set_cancel_fn() function to I/O operations submitted via libaio. The fix prevents improper use of cancel functions on I/O requests that were not submitted through the legacy libaio interface. Siemens has identified this CVE as affecting certain industrial networking products running SINEC OS, which incorporates the vulnerable Linux kernel component. The vendor's assessment categorizes the impact as 'Misinformed' for affected products. Organizations should consult vendor guidance for patch availability and apply updates according to their risk management procedures.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment including SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family, and RUGGEDCOM RST2428P switches. OT security teams managing SINEC OS deployments should prioritize vendor patch review.
Technical summary
The vulnerability exists in the Linux kernel's fs/aio subsystem where kiocb_set_cancel_fn() could be invoked on I/O requests not submitted via libaio. The resolution restricts this function to libaio-submitted I/O only, preventing potential misuse. Affected Siemens products include RUGGEDCOM RST2428P and SCALANCE X-family switches running SINEC OS. The vendor's threat assessment indicates 'Misinformed' impact categorization. No CVSS score is currently assigned in available sources.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for detailed product impact and patch status
- Verify SINEC OS and affected SCALANCE/RUGGEDCOM product versions in your environment
- Apply vendor-provided firmware updates when available per organizational change management
- Monitor CISA ICS advisories for additional guidance on industrial control system security
Evidence notes
CVE published 2025-08-12 per CISA CSAF source. Modified 2026-02-25. Source indicates impact categorized as 'Misinformed' for affected Siemens products. Vendor confirmed via CSAF product tree.
Official resources
- CVE-2024-26764 CVE record (CVE.org)
- CVE-2024-26764 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12