PatchSiren cyber security CVE debrief
CVE-2024-41092 Siemens CVE debrief
CVE-2024-41092 describes a potential use-after-free (UAF) vulnerability in the Linux kernel's drm/i915/gt driver related to fence register revocation. The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. Siemens has identified this CVE as affecting their RUGGEDCOM RST2428P (6GK6242-6PA00) product, though the CISA advisory marks the impact assessment as 'Misinformed' for the affected product IDs. The vulnerability originates from the Linux kernel's Intel graphics driver and has been incorporated into Siemens' SINEC OS through third-party components. No CVSS score or severity rating is currently available in the source data. The advisory has undergone multiple revisions, with the most recent update on 2026-02-25 reflecting republication based on Siemens ProductCERT SSA-355557 advisory.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices in industrial control system environments. Security teams responsible for OT/ICS infrastructure, particularly those managing SINEC OS deployments, should monitor this advisory for patch availability and implementation guidance.
Technical summary
This vulnerability exists in the Linux kernel's Direct Rendering Manager (DRM) Intel i915 graphics driver, specifically in the GT (Graphics Technology) component's fence register handling. A use-after-free condition may occur during fence register revocation operations. The vulnerability affects Siemens industrial networking products that incorporate the vulnerable Linux kernel components through SINEC OS. The CISA advisory classification of 'Misinformed' impact suggests potential uncertainty or correction in initial impact assessments. Organizations should prioritize vendor guidance from Siemens ProductCERT for accurate risk assessment and remediation timelines specific to affected industrial control system deployments.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for detailed product-specific guidance
- Verify SINEC OS and affected Siemens product firmware versions against vendor security advisories
- Apply vendor-provided patches or updates when available per Siemens ProductCERT recommendations
- Monitor CISA ICS advisories for additional guidance on industrial control system protections
- Implement defense-in-depth strategies for industrial control systems per CISA recommended practices
Evidence notes
Source indicates 'Misinformed' impact classification for affected product IDs (CSAFPID-0006, CSAFPID-0002, CSAFPID-0003). CVE originates from Linux kernel drm/i915/gt driver, affecting Siemens products through third-party component inclusion in SINEC OS. Advisory revision history shows multiple updates correcting affected product lists and clarifying family configurations.
Official resources
- CVE-2024-41092 CVE record (CVE.org)
- CVE-2024-41092 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)