PatchSiren cyber security CVE debrief
CVE-2024-42145 Siemens CVE debrief
A vulnerability in the Linux kernel's InfiniBand (IB) core subsystem allows an unbounded UMAD (User-space MAD) receive list to grow without limit, potentially leading to resource exhaustion. The issue stems from inadequate bounds checking on the receive queue, which could be exploited to cause denial of service through memory exhaustion. This vulnerability affects Siemens industrial networking products that incorporate the vulnerable kernel component, specifically the RUGGEDCOM RST2428P and SCALANCE X-family switches running SINEC OS. The CVSS 6.5 MEDIUM score reflects the availability impact with medium attack complexity, requiring local access or authenticated network position to exploit.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P or SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family switches in industrial control environments should assess their exposure. System administrators responsible for OT network infrastructure, particularly those with InfiniBand or RDMA-capable deployments, should prioritize vendor patch verification. Security teams in manufacturing, energy, and critical infrastructure sectors using Siemens networking equipment should incorporate this into their vulnerability management workflows.
Technical summary
The vulnerability exists in the InfiniBand core's userspace MAD (Management Datagram) interface, where the receive list for incoming MAD messages lacks proper bounds checking. This allows an attacker with ability to send MAD messages to cause uncontrolled growth of the receive queue, potentially exhausting kernel memory and causing denial of service. The UMAD interface is typically used for InfiniBand subnet management and diagnostic operations. In the Siemens product context, this affects industrial Ethernet switches running SINEC OS that include IB stack components, though the specific exposure depends on whether IB interfaces are enabled and accessible in the deployed configuration.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for definitive affected product list and patch availability
- Verify SINEC OS version on RUGGEDCOM RST2428P and SCALANCE X-family switches against vendor security bulletin
- Apply kernel updates provided by Siemens through official support channels when available
- Monitor system memory utilization on affected industrial switches for anomalous growth patterns
- Implement network segmentation to limit exposure of IB/UMAD interfaces to untrusted networks
- Follow CISA ICS recommended practices for defense-in-depth strategies in industrial control environments
Evidence notes
CISA ICS advisory ICSA-25-226-07 published 2025-08-12 documents this vulnerability as part of Siemens Third-Party Components in SINEC OS security advisory. The advisory was subsequently updated on 2026-02-25 to reflect republication based on Siemens ProductCERT SSA-355557. The source indicates this vulnerability was initially marked as affecting certain products but threat impact assessment shows 'Misinformed' categorization for product IDs CSAFPID-0006, CSAFPID-0002, and CSAFPID-0003, suggesting potential clarification in affected product scope during advisory revisions.
Official resources
-
CVE-2024-42145 CVE record
CVE.org
-
CVE-2024-42145 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12