PatchSiren cyber security CVE debrief
CVE-2024-56594 Siemens CVE debrief
CVE-2024-56594 describes a Linux kernel issue in the AMDGPU DRM driver where an incorrect max_segment_size setting could cause debug_dma_map_sg() to report over-mapping of scatter-gather (sg) lengths. The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. Siemens ProductCERT issued advisory SSA-355557, which CISA republished as ICSA-25-226-07. The advisory originally listed multiple Siemens industrial networking products as potentially affected, but subsequent revisions moved entries to the 'Known Not Affected' category. The final CISA republication on 2026-02-25 reflects these corrections. The source advisory explicitly marks the impact as 'Misinformed' for the remaining product entries, indicating that the CVE does not represent an actual vulnerability for the listed Siemens products. No CVSS score or severity is assigned in the source material. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations running Siemens RUGGEDCOM RST2428P or SCALANCE XC/XR/XCM/XRM/XCH/XRH industrial networking products should verify their 'Known Not Affected' status. Linux administrators managing systems with AMD GPUs should monitor upstream kernel security advisories for relevant driver updates. ICS security teams should note the advisory's 'Misinformed' classification when assessing vulnerability management priorities.
Technical summary
CVE-2024-56594 is a Linux kernel vulnerability in the AMDGPU DRM driver related to incorrect max_segment_size configuration for scatter-gather memory mapping. The issue could trigger debug warnings in debug_dma_map_sg() but does not represent a security vulnerability for the Siemens industrial networking products originally listed in advisory ICSA-25-226-07. The advisory's threat classification of 'Misinformed' indicates this CVE was incorrectly associated with these products. Multiple advisory revisions corrected the product impact status, with affected entries moved to 'Known Not Affected' and the final CISA republication on 2026-02-25 reflecting the corrected Siemens ProductCERT guidance.
Defensive priority
low
Recommended defensive actions
- Review the Siemens ProductCERT advisory SSA-355557 to confirm product impact status
- Verify that affected products have been moved to 'Known Not Affected' per the 2026-02-12 advisory revision
- No patching action required for Siemens products based on 'Misinformed' impact classification
- For Linux systems with AMD GPUs, consult upstream kernel advisories for driver updates if applicable
- Apply standard ICS security practices per CISA recommended practices for industrial control systems
Evidence notes
The source CSAF document (ICSA-25-226-07) contains a threat entry with category 'impact' and details 'Misinformed' for product IDs CSAFPID-0006, CSAFPID-0002, and CSAFPID-0003. The revision history shows multiple corrections: Additional Release 1 (2026-02-12) moved affected products to 'Known Not Affected', and Additional Release 2 (2026-02-24) clarified configurations and removed rejected CVEs. The CISA republication on 2026-02-25 was based on the Siemens ProductCERT SSA-355557 advisory. The CVE description references a Linux kernel AMDGPU driver issue that is not applicable to the Siemens industrial networking products listed.
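One way to run the status check described in the evidence notes, as an added example that is not part of the advisory or of any Siemens or CISA tooling: it reads the `product_status` and `threats` fields of a CSAF 2.0 document for one CVE. The embedded JSON is a constructed fragment rather than the real ICSA-25-226-07 file, and the helper name `triage` and the ID `CSAFPID-9999` are hypothetical.

```python
import json

# Constructed CSAF 2.0 fragment, NOT the real ICSA-25-226-07 file. The CVE id,
# product IDs and 'Misinformed' detail come from the page; placing the IDs
# under known_not_affected is an assumption based on the revision history.
SAMPLE_CSAF = json.loads("""
{"vulnerabilities": [{
  "cve": "CVE-2024-56594",
  "product_status": {
    "known_not_affected": ["CSAFPID-0006", "CSAFPID-0002", "CSAFPID-0003"]},
  "threats": [{"category": "impact", "details": "Misinformed",
    "product_ids": ["CSAFPID-0006", "CSAFPID-0002", "CSAFPID-0003"]}]
}]}
""")

# CSAF 2.0 product_status keys that mean a product is affected.
AFFECTED = {"known_affected", "first_affected", "last_affected"}


def triage(csaf, cve_id, product_ids):
    """Return {product_id: (verdict, [impact details])} for one CVE (hypothetical helper)."""
    vulns = [v for v in csaf.get("vulnerabilities", []) if v.get("cve") == cve_id]
    result = {}
    for pid in product_ids:
        statuses, impacts = set(), []
        for vuln in vulns:
            for status, ids in vuln.get("product_status", {}).items():
                if pid in ids:
                    statuses.add(status)
            for threat in vuln.get("threats", []):
                if threat.get("category") == "impact" and pid in threat.get("product_ids", []):
                    impacts.append(threat.get("details", ""))
        if statuses & AFFECTED:
            verdict = "affected"  # conflicting entries resolve to the cautious answer
        elif "under_investigation" in statuses:
            verdict = "under_investigation"
        elif "known_not_affected" in statuses:
            verdict = "not_affected"
        elif statuses:
            verdict = "other:" + ",".join(sorted(statuses))  # e.g. fixed, recommended
        else:
            verdict = "not_listed"  # absence is not proof of non-impact
        result[pid] = (verdict, impacts)
    return result


if __name__ == "__main__":
    # CSAFPID-9999 is a constructed ID that the fragment does not mention.
    print(triage(SAMPLE_CSAF, "CVE-2024-56594", ["CSAFPID-0006", "CSAFPID-9999"]))
```

A product ID that appears in no status list comes back as `not_listed` rather than `not_affected`, so a missing entry is never mistaken for a vendor statement of non-impact.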
Official resources
- CVE-2024-56594 CVE record (CVE.org)
- CVE-2024-56594 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12