PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-39475 Siemens CVE debrief

CVE-2024-39475 is a divide-by-zero vulnerability in the Linux kernel's S3 Savage framebuffer driver (savagefb). The issue stems from incomplete error handling: commit 04e5eac8f3ab added a check in savagefb_check_var() that rejects pixclock=0 to prevent division by zero, but savagefb_probe() did not check that function's return value, so the error was never propagated. When a zero pixclock value is supplied, the probe continues past the failed validation and the division by zero still occurs. Siemens has identified this vulnerability as affecting SINEC OS-based industrial networking products, including the RUGGEDCOM RST2428P and SCALANCE X-family switches. The vendor rates it as having no security impact (CVSS 0.0) on affected products, with one product family explicitly marked as 'Misinformed' (not actually vulnerable). A vendor fix is available; it requires updating to SINEC OS V3.1 or later.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: NONE
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations operating Siemens industrial networking equipment with SINEC OS, particularly RUGGEDCOM and SCALANCE product lines in industrial control system (ICS/OT) environments. Security teams responsible for Linux kernel security in embedded framebuffer applications.

Technical summary

The savagefb driver in the Linux kernel contains a divide-by-zero vulnerability. A prior commit (04e5eac8f3ab) added validation in savagefb_check_var() to reject pixclock=0, but savagefb_probe() does not check the return value of that call. Because the failure is not propagated, probing continues as if validation had succeeded and the zero pixclock reaches the code that divides by it. The vulnerability affects the S3 Savage framebuffer implementation used in some embedded/industrial systems.
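The following C model is an added illustration of the error-propagation defect described above; it is not code from the Linux kernel, from Siemens, or from this debrief. The struct and the functions check_var(), pixclock_khz(), probe_unchecked() and probe_checked() are hypothetical stand-ins for the kernel's fb_var_screeninfo, savagefb_check_var() and savagefb_probe(); the picosecond-to-kHz arithmetic mirrors the kernel's PICOS2KHZ() conversion, which is where a zero pixclock faults. The unchecked variant shows the bug shape (validation result discarded), the checked variant the fix shape (error returned before the divide).

```c
#include <errno.h>
#include <stdio.h>

/* Minimal stand-in for the kernel's fb_var_screeninfo (hypothetical model). */
struct fb_var {
    unsigned int pixclock;   /* pixel clock period in picoseconds */
    unsigned int xres;
    unsigned int yres;
};

/* Model of the validation added by commit 04e5eac8f3ab:
 * a zero pixclock is rejected with -EINVAL before any division happens. */
static int check_var(const struct fb_var *var)
{
    if (var->pixclock == 0)
        return -EINVAL;
    if (var->xres == 0 || var->yres == 0)
        return -EINVAL;
    return 0;
}

/* Picosecond period -> kHz, the same arithmetic as the kernel's PICOS2KHZ().
 * This is the division that faults when pixclock is zero. */
static unsigned long pixclock_khz(unsigned int pixclock)
{
    return 1000000000UL / pixclock;
}

/* Vulnerable probe shape: the return value of check_var() is ignored, so a
 * zero pixclock still reaches pixclock_khz(). Do not call this with
 * pixclock == 0; the divide would trap (SIGFPE on x86). */
static int probe_unchecked(const struct fb_var *var, unsigned long *khz_out)
{
    check_var(var);                      /* result discarded: the bug */
    *khz_out = pixclock_khz(var->pixclock);
    return 0;
}

/* Fixed probe shape: the error is propagated and the divide is never reached. */
static int probe_checked(const struct fb_var *var, unsigned long *khz_out)
{
    int err = check_var(var);
    if (err)
        return err;                      /* kernel equivalent: goto failed */
    *khz_out = pixclock_khz(var->pixclock);
    return 0;
}

int main(void)
{
    /* Constructed sample modes: 39722 ps is the usual 25.175 MHz VGA clock. */
    struct fb_var good = { .pixclock = 39722, .xres = 640, .yres = 480 };
    struct fb_var bad  = { .pixclock = 0,     .xres = 640, .yres = 480 };
    unsigned long khz = 0;

    printf("valid mode: err=%d khz=%lu\n", probe_checked(&good, &khz), khz);
    printf("zero pixclock: err=%d (expected %d)\n", probe_checked(&bad, &khz), -EINVAL);
    return 0;
}
```

The detection angle for a reviewer is the discarded return value: a static checker that flags ignored results of functions returning negative errno values would have caught probe_unchecked(), which is the same pattern the kernel fix corrects by testing the result and bailing out.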

Defensive priority

low

Recommended defensive actions

  • Review SINEC OS version on affected Siemens industrial networking products (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family)
  • Update affected devices to SINEC OS V3.1 or later per vendor guidance
  • Verify SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices are not affected (marked as 'Misinformed' in vendor advisory)
  • Apply standard ICS defense-in-depth practices for industrial control systems per CISA guidance

Evidence notes

The vulnerability description is sourced from CISA CSAF advisory ICSA-25-226-15, which republishes Siemens ProductCERT advisory SSA-613116. The technical root cause is documented in the Linux kernel commit history. Siemens' assessment that this vulnerability has no security impact for their products is explicitly noted in the CSAF threat data.

Official resources

2025-08-12