PatchSiren cyber security CVE debrief
CVE-2024-50205 Siemens CVE debrief
A division-by-zero vulnerability exists in the Linux kernel's ALSA firewire-lib subsystem. The `step` variable in `apply_constraint_to_size()` is initialized to zero and may remain zero if not modified within a loop, leading to a potential division-by-zero condition. This flaw was introduced by commit 826b5de90c0b and affects the PCM rule constraints for period/buffer size handling. The vulnerability requires local access to exploit and results in denial of service (availability impact) with no confidentiality or integrity impact. Siemens has identified this as affecting the GNU/Linux subsystem of SIMATIC S7-1500 TM MFP industrial control devices. No patch is currently available; mitigation relies on access controls and trusted application sourcing.
- Vendor: Siemens
- Product: SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-09
- Original CVE updated: 2026-05-14
- Advisory published: 2024-04-09
- Advisory updated: 2026-05-14
Who should care
Operators of Siemens SIMATIC S7-1500 TM MFP industrial control systems utilizing the GNU/Linux subsystem; security teams managing OT/ICS environments with Linux-based embedded controllers; kernel maintainers and distribution vendors packaging ALSA firewire support.
Technical summary
The vulnerability resides in `apply_constraint_to_size()` within `sound/firewire/amdtp-stream.c`. The `step` variable is initialized to zero and later used as a divisor, but it only receives a non-zero value inside the loop when `snd_interval_test()` succeeds for a rate table entry. If no rate table entries satisfy the interval test condition, `step` remains zero, triggering a division-by-zero on the subsequent division operation. The fix adds an explicit zero check before division. This is a local vulnerability requiring authenticated access to the GNU/Linux subsystem.
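The pattern described above, as a user-space C model with the zero check in place; this is an added example, not the kernel source or Siemens code. The struct, the helper names, the table values and the `-EINVAL` return are assumptions of the example.

```c
#include <errno.h>
#include <stdio.h>

/* User-space model: names and table values are constructed for this example. */
struct interval { unsigned int min, max; };

static const unsigned int rate_table[] = { 32000, 44100, 48000, 88200, 96000, 176400, 192000 };
static const unsigned int step_table[] = { 8, 8, 8, 16, 16, 32, 32 };
#define RATE_COUNT (sizeof(rate_table) / sizeof(rate_table[0]))

/* Stand-in for snd_interval_test(): does val lie inside the interval? */
static int interval_test(const struct interval *i, unsigned int val)
{
	return val >= i->min && val <= i->max;
}

/* Largest step among table rates inside the rate interval; stays 0 if none match. */
static unsigned int pick_step(const struct interval *rate)
{
	unsigned int step = 0;

	for (size_t i = 0; i < RATE_COUNT; ++i)
		if (interval_test(rate, rate_table[i]) && step_table[i] > step)
			step = step_table[i];
	return step;
}

/* Align a period/buffer size range to the step, with the zero check in place. */
static int constrain_size(struct interval *size, const struct interval *rate)
{
	unsigned int step = pick_step(rate);

	if (step == 0)		/* without this check the divisions below fault */
		return -EINVAL;	/* error code is this example's choice */
	size->min = (size->min + step - 1) / step * step;	/* round up */
	size->max = size->max / step * step;			/* round down */
	return size->min <= size->max ? 0 : -EINVAL;	/* simplified range refinement */
}

int main(void)
{
	struct interval ok = { 48000, 48000 }, none = { 50000, 60000 };
	struct interval a = { 100, 1000 }, b = { 100, 1000 };
	int rc_a = constrain_size(&a, &ok), rc_b = constrain_size(&b, &none);

	printf("matching rate:  rc=%d size=[%u,%u]\n", rc_a, a.min, a.max);
	printf("no table match: rc=%d size=[%u,%u]\n", rc_b, b.min, b.max);
	return 0;
}
```

The second call models the case the summary describes: a rate interval that matches no table entry leaves `step` at zero, and the check returns an error before any division happens.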
Defensive priority
medium
Recommended defensive actions
- Restrict interactive shell access to the GNU/Linux subsystem to trusted personnel only
- Build and run applications exclusively from trusted sources
- Monitor for kernel updates from Siemens or Linux distribution maintainers
- Apply defense-in-depth strategies for industrial control system environments
Evidence notes
Vulnerability identified by Linux Verification Center (linuxtesting.org) using SVACE static analysis. The flaw was introduced in kernel commit 826b5de90c0b (ALSA: firewire-lib: fix insufficient PCM rule for period/buffer size). CISA published advisory ICSA-24-102-01 on 2024-04-09. Siemens CSAF advisory SSA-265688 provides product-specific impact assessment. CVSS 3.1 vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Official resources
- CVE-2024-50205 CVE record (CVE.org)
- CVE-2024-50205 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)