PatchSiren cyber security CVE debrief
CVE-2024-35833 Siemens CVE debrief
A memory leak vulnerability in the Freescale (NXP) QDMA engine driver (fsl-qdma) within the Linux kernel. The flaw occurs in queue command DMA handling where allocated memory is not properly freed, leading to resource exhaustion over time. This affects Siemens industrial networking products running SINEC OS, which incorporates the vulnerable Linux kernel component. The vulnerability was resolved in the upstream Linux kernel with a fix for the memory leak related to queue command DMA operations.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly those using SCALANCE or RUGGEDCOM products with SINEC OS in critical infrastructure, manufacturing, or process control environments. ICS security teams responsible for patch management and vulnerability assessment in OT networks.
Technical summary
The vulnerability exists in the Freescale/NXP QDMA (Queue Direct Memory Access) engine driver (drivers/dma/fsl-qdma.c) in the Linux kernel. The flaw is a memory leak occurring during queue command DMA operations where allocated command structures are not properly deallocated after use. This can lead to gradual memory exhaustion in systems with heavy DMA utilization. The issue was resolved upstream with a fix that ensures proper cleanup of queue command DMA allocations. Siemens industrial networking products incorporating the vulnerable kernel component are affected, including SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family, and RUGGEDCOM RST2428P (6GK6242-6PA00) running SINEC OS.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for affected product versions and patch availability
- Apply vendor-provided firmware updates for SINEC OS when available
- Monitor Siemens security advisories for SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family and RUGGEDCOM RST2428P
- Implement network segmentation for industrial control systems per CISA recommended practices
- Consider defense-in-depth strategies for ICS environments as referenced in CISA guidance
Evidence notes
The vulnerability description indicates a memory leak in the dmaengine: fsl-qdma driver specifically related to queue command DMA handling. The source advisory (ICSA-25-226-15) from CISA, republished based on Siemens ProductCERT SSA-613116, lists this CVE with threat category 'impact' marked as 'Misinformed' for affected product IDs. The advisory was initially published 2025-08-12 and most recently updated 2026-02-25 with corrections to affected products list and removal of rejected CVEs. Siemens ProductCERT references are provided for authoritative vendor guidance. No CVSS score or severity is available in the source corpus.
Official resources
-
CVE-2024-35833 CVE record
CVE.org
-
CVE-2024-35833 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12