PatchSiren cyber security CVE debrief
CVE-2024-40976 Siemens CVE debrief
CVE-2024-40976 describes a race condition in the Linux kernel's drm/lima GPU driver. A rendering job may trigger the DRM scheduler job timeout handler yet complete before the hard reset occurs, leading to unexpected race conditions. In specific circumstances, this can cause a reference count imbalance in lima_pm_idle, resulting in a stack dump. The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. Siemens has identified this CVE as affecting third-party components in SINEC OS, with products including RUGGEDCOM RST2428P and SCALANCE networking families potentially impacted. However, the threat assessment categorizes the impact as 'Misinformed' for the listed product IDs. No CVSS score or severity rating is currently available. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family switches, SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices, or RUGGEDCOM RST2428P units running SINEC OS should monitor this advisory. System administrators maintaining embedded Linux systems with ARM Mali-4xx GPUs in industrial environments should also assess exposure, as the underlying kernel vulnerability may affect other platforms using the drm/lima driver.
Technical summary
The vulnerability exists in the drm/lima driver, which provides Direct Rendering Manager support for ARM Mali-4xx series GPUs. The race condition occurs between job timeout handling and job completion: when a rendering job exceeds the scheduler timeout threshold but completes before the timeout handler performs a hard reset, the driver's state machine encounters unexpected conditions. This specifically affects the power management idle path (lima_pm_idle), where reference counting operations may become imbalanced. The resulting stack dump indicates kernel warning conditions but does not necessarily imply privilege escalation or code execution. The vulnerability is relevant to embedded Linux deployments in industrial networking equipment where Mali GPUs may be present for display or acceleration functions.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for affected product configurations and patch availability
- Monitor CISA ICS advisories for updates to ICSA-25-226-07
- Apply vendor-provided firmware updates for affected SCALANCE and RUGGEDCOM products when available
- Implement network segmentation for industrial control systems per CISA recommended practices
- Assess systems using ARM Mali-4xx GPUs for kernel update requirements
Evidence notes
The vulnerability description is sourced from CISA CSAF advisory ICSA-25-226-07, which references Siemens ProductCERT advisory SSA-355557. The threat category 'Misinformed' indicates potential assessment uncertainty or correction in subsequent advisory revisions. The CVE affects drm/lima, a driver for ARM Mali-4xx GPUs commonly used in embedded and industrial systems.
Official resources
-
CVE-2024-40976 CVE record
CVE.org
-
CVE-2024-40976 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12