PatchSiren cyber security CVE debrief
CVE-2024-47737 Siemens CVE debrief
This CVE addresses a memory management vulnerability in the Linux kernel's NFS server (nfsd) implementation. The issue involves a missing cache_put() call when xdr_reserve_space() returns NULL, which could lead to resource leaks. The vulnerability was resolved by ensuring proper cleanup in error paths. Siemens has assessed this CVE as 'Misinformed' for their affected product lines, indicating the vulnerability does not actually impact their implementations as initially reported. The advisory has undergone multiple revisions, with the most recent update in February 2026 correcting product affected status and removing rejected CVEs from the advisory.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-09
- Original CVE updated: 2026-05-14
- Advisory published: 2024-04-09
- Advisory updated: 2026-05-14
Who should care
Organizations running Siemens industrial networking equipment (RUGGEDCOM RST2428P, SCALANCE XC/XR/XCM/XRM/XCH/XRH families) should verify their specific product configurations against vendor guidance, though current assessment indicates no actual vulnerability exposure.
Technical summary
The vulnerability exists in the Linux kernel NFS server (nfsd) code path where a cache reference is taken before xdr_reserve_space() is called; when xdr_reserve_space() returned NULL, the error path returned without releasing that reference via cache_put(), leaking it. The fix ensures the reference is dropped on every exit path, including the buffer-allocation failure. Siemens products using SINEC OS were initially flagged but subsequently assessed as not affected ('Misinformed' impact classification).
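To make the defect class concrete, here is an added example that is not the kernel's code and not Siemens' code: a constructed, self-contained model in which stand-in cache_get()/cache_put() functions maintain a refcount and a stand-in xdr_reserve_space() returns NULL once a fixed-size reply buffer is full (the real kernel functions have different signatures; the names are reused only to mirror the pattern). encode_leaky() shows the shape of the bug, returning on the NULL path while still holding the reference; encode_fixed() routes every exit through a single cleanup label. leaked_refs() drives each encoder past the buffer limit and reports how many references were never released.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed refcounted cache entry: a stand-in for a kernel cache object
 * managed by cache_get()/cache_put(). Not kernel code. */
struct cache_entry {
    int refcount;
    uint32_t payload;
};

static struct cache_entry *cache_get(struct cache_entry *e)
{
    e->refcount++;
    return e;
}

static void cache_put(struct cache_entry *e)
{
    e->refcount--;
}

/* Constructed model of an XDR reply stream with a fixed word capacity. */
struct xdr_stream {
    uint32_t buf[8];
    size_t used;
    size_t capacity;
};

/* Stand-in for xdr_reserve_space(): NULL means the reply buffer is full. */
static uint32_t *xdr_reserve_space(struct xdr_stream *xdr, size_t nwords)
{
    if (xdr->used + nwords > xdr->capacity)
        return NULL;
    uint32_t *p = &xdr->buf[xdr->used];
    xdr->used += nwords;
    return p;
}

/* Vulnerable pattern: the NULL path returns without dropping the reference. */
static int encode_leaky(struct xdr_stream *xdr, struct cache_entry *e)
{
    struct cache_entry *ref = cache_get(e);
    uint32_t *p = xdr_reserve_space(xdr, 1);

    if (!p)
        return -1;          /* BUG: ref is still held here */
    *p = ref->payload;
    cache_put(ref);
    return 0;
}

/* Fixed pattern: every exit path passes through the single cleanup label. */
static int encode_fixed(struct xdr_stream *xdr, struct cache_entry *e)
{
    struct cache_entry *ref = cache_get(e);
    uint32_t *p = xdr_reserve_space(xdr, 1);
    int ret = 0;

    if (!p) {
        ret = -1;
        goto out;
    }
    *p = ref->payload;
out:
    cache_put(ref);         /* balanced on success and on failure */
    return ret;
}

/* Run an encoder `calls` times against a buffer that holds only two words
 * and return how many references were leaked (refcount above the baseline). */
static int leaked_refs(int (*encode)(struct xdr_stream *, struct cache_entry *),
                       int calls)
{
    struct cache_entry e = { .refcount = 1, .payload = 0x2a };
    struct xdr_stream xdr = { .used = 0, .capacity = 2 };

    for (int i = 0; i < calls; i++)
        encode(&xdr, &e);
    return e.refcount - 1;
}

int main(void)
{
    /* With capacity 2 and 5 calls, the last 3 calls hit the NULL path. */
    printf("leaky encoder leaked %d references\n", leaked_refs(encode_leaky, 5));
    printf("fixed encoder leaked %d references\n", leaked_refs(encode_fixed, 5));
    return 0;
}
```

The detection angle for a defender reviewing similar code is mechanical: any function that acquires a reference before calling a fallible allocator must release it on the allocator's failure branch, which is why the single-exit `goto out` shape is the usual kernel idiom.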
Defensive priority
Low
Recommended defensive actions
- Verify current firmware version on affected Siemens industrial networking equipment against vendor security advisory SSA-355557
- Review Siemens ProductCERT guidance for SINEC OS and related product families to confirm vulnerability applicability
- Apply vendor-recommended patches or updates if actual impact is confirmed for specific deployment configurations
- Monitor CISA ICS advisories for subsequent revisions to this advisory
Evidence notes
The source advisory (ICSA-25-226-07) explicitly categorizes the impact of this CVE as 'Misinformed' for the listed Siemens products. The CVE description indicates a kernel-level fix was implemented. Multiple advisory revisions show ongoing refinement of affected product scope, with the February 2026 update specifically moving entries to 'Known Not Affected Products' and clarifying family configurations.
Official resources
- CVE-2024-47737 CVE record (CVE.org)
- CVE-2024-47737 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12