PatchSiren cyber security CVE debrief
CVE-2024-50193 Siemens CVE debrief
CVE-2024-50193 addresses a vulnerability in the x86 32-bit entry code where CPU buffers are cleared after the call to exc_nmi but before register state is restored. This sequencing is insufficient for the RDFS (Register File Data Sampling) mitigation, which requires CPU buffers to be cleared only when registers contain no sensitive data. The fix repositions CLEAR_CPU_BUFFERS to occur after RESTORE_ALL_NMI, ensuring proper isolation of sensitive register contents from potential side-channel exposure. The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. Siemens has assessed this CVE as 'Misinformed' for affected products including RUGGEDCOM RST2428P and SCALANCE networking families, indicating the vulnerability does not apply to these products as initially reported. No CVSS score or severity rating is available. This issue is not listed in CISA's Known Exploited Vulnerabilities catalog.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations running 32-bit x86 Linux systems with RDFS mitigation enabled; industrial control system operators using Siemens RUGGEDCOM and SCALANCE networking equipment (though assessed as misinformed for these products); kernel maintainers and distribution vendors packaging x86 architecture support
Technical summary
This vulnerability involves incorrect sequencing of CPU buffer clearing operations in the x86 32-bit non-maskable interrupt (NMI) return path. The RDFS (Register File Data Sampling) mitigation requires that CPU buffers be cleared only after registers have been restored and no longer contain sensitive data. The existing code cleared buffers before register restoration, potentially leaving sensitive register data exposed to side-channel attacks. The resolution moves the CLEAR_CPU_BUFFERS macro to execute after RESTORE_ALL_NMI, ensuring proper temporal isolation of sensitive data during NMI handling.
Defensive priority
low
Recommended defensive actions
- Verify whether systems run 32-bit x86 Linux kernels with RDFS mitigation enabled
- Review vendor security advisories for affected product applicability
- Apply kernel updates from distribution maintainers if running vulnerable configurations
- Monitor for updated guidance from CPU vendors regarding RDFS mitigation requirements
Evidence notes
The source CSAF advisory (ICSA-25-226-07) explicitly marks this CVE with threat category 'impact' and details 'Misinformed' for product IDs CSAFPID-0006, CSAFPID-0002, and CSAFPID-0003. The advisory underwent four revisions, with the final update on 2026-02-25 clarifying affected product configurations and removing rejected CVEs. The technical description indicates this is a Linux kernel x86 architecture issue related to speculative execution mitigations, specifically RDFS (Register File Data Sampling).
Official resources
-
CVE-2024-50193 CVE record
CVE.org
-
CVE-2024-50193 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12