PatchSiren cyber security CVE debrief

CVE-2024-41063 Siemens CVE debrief

CVE-2024-41063 describes a deadlock in the Linux kernel's Bluetooth subsystem, specifically in hci_core at the destroy_workqueue() call. The CVE was published on 2025-08-12 and last modified on 2026-02-25. CISA's advisory ICSA-25-226-07, republished on 2026-02-25 based on Siemens ProductCERT advisory SSA-355557, marks this CVE as 'Misinformed' for the affected Siemens products, including the RUGGEDCOM RST2428P and SCALANCE X-family switches running SINEC OS. This classification suggests the vulnerability does not actually affect these products as initially assessed. No CVSS score or severity rating is available in the source corpus. The underlying issue is a deadlock in the Bluetooth host controller interface (HCI) core during workqueue destruction, which in affected kernel configurations could cause a denial of service.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations running Linux systems with Bluetooth functionality enabled; operators of Siemens industrial networking equipment seeking clarification on product impact status; security teams tracking kernel-level Bluetooth vulnerabilities

Technical summary

A deadlock vulnerability exists in the Linux kernel's Bluetooth host controller interface (HCI) core subsystem, hci_core. The issue occurs in destroy_workqueue() during workqueue teardown and can hang the system or cause a denial of service. CISA's advisory marks this CVE as 'Misinformed' for Siemens industrial networking products running SINEC OS, suggesting these products are not actually vulnerable despite their initial inclusion in the affected product list. The underlying kernel issue remains relevant for general Linux distributions with Bluetooth support enabled.

Defensive priority

low

Recommended defensive actions

  • If Bluetooth functionality is enabled, verify that systems are not running a Linux kernel version affected by this hci_core deadlock
  • Review Siemens ProductCERT advisory SSA-355557 for definitive product impact assessment
  • Apply kernel updates from distribution vendors if running affected Linux kernels with Bluetooth support
  • Consider disabling Bluetooth if not required on industrial control systems
  • Monitor CISA ICS advisories for any future updates to product impact status

Evidence notes

Source CISA CSAF advisory ICSA-25-226-07 marks this CVE as 'Misinformed' for all listed product IDs (CSAFPID-0006, CSAFPID-0002, CSAFPID-0003). The advisory was republished on 2026-02-25 based on Siemens ProductCERT SSA-355557. No CVSS vector or score is present in the source corpus.
