ID

VAR-202410-2491


CVE

CVE-2024-50001


TITLE

Linux  of  Linux Kernel  Vulnerability in handling exceptional conditions in

Trust: 0.8

sources: JVNDB: JVNDB-2024-011746

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under memory pressure, when the IOMMU driver just can't allocate more memory for page tables. While the code tries to handle this in the path below the err_unmap label it erroneously unmaps one entry from the sq's FIFO list of active mappings. Since the current map attempt failed this unmap is removing some random DMA mapping that might still be required. If the PCI function now presents that IOVA, the IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI function in error state. The erroneous behavior was seen in a stress-test environment that created memory pressure. Linux of Linux Kernel Exists in a vulnerability in handling exceptional conditions.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues

Trust: 2.16

sources: NVD: CVE-2024-50001 // JVNDB: JVNDB-2024-011746 // CNVD: CNVD-2025-19350

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-19350

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:eqversion:6.12

Trust: 1.8

vendor:linuxmodel:kernelscope:gteversion:6.11

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.16

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.10.14

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.6.55

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.1.113

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.2

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.227

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.11.3

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.15.168

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.10

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:5.11 that's all 5.15.168

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.16 that's all 6.1.113

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.2 that's all 6.6.55

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.7 that's all 6.10.14

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.11 that's all 6.11.3

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.10 that's all 5.10.227

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 0.8

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.2

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011746 // NVD: CVE-2024-50001

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-50001
value: MEDIUM

Trust: 1.0

NVD: CVE-2024-50001
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-19350
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19350
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2024-50001
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2024-50001
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011746 // NVD: CVE-2024-50001

PROBLEMTYPE DATA

problemtype:CWE-755

Trust: 1.0

problemtype:Improper handling in exceptional conditions (CWE-755) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-011746 // NVD: CVE-2024-50001

PATCH

title:Linux Kernel Archivesurl:https://git.kernel.org/stable/c/26fad69b34fcba80d5c7d9e651f628e6ac927754

Trust: 0.8

title:Patch for Multiple vulnerabilities exist in third-party components of SIEMENS SINEC OS V3.2 and earlierurl:https://www.cnvd.org.cn/patchInfo/show/723061

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011746

EXTERNAL IDS

db:NVDid:CVE-2024-50001

Trust: 2.6

db:SIEMENSid:SSA-355557

Trust: 1.6

db:SIEMENSid:SSA-265688

Trust: 1.0

db:JVNDBid:JVNDB-2024-011746

Trust: 0.8

db:CNVDid:CNVD-2025-19350

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011746 // NVD: CVE-2024-50001

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-355557.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Trust: 1.0

url:https://git.kernel.org/stable/c/ce828b347cf1b3c1b12b091d02463c35ce5097f5

Trust: 1.0

url:https://git.kernel.org/stable/c/26fad69b34fcba80d5c7d9e651f628e6ac927754

Trust: 1.0

url:https://git.kernel.org/stable/c/ca36d6c1a49b6965c86dd528a73f38bc62d9c625

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Trust: 1.0

url:https://git.kernel.org/stable/c/2bcae12c795f32ddfbf8c80d1b5f1d3286341c32

Trust: 1.0

url:https://git.kernel.org/stable/c/8bb8c12fb5e2b1f03d603d493c92941676f109b5

Trust: 1.0

url:https://git.kernel.org/stable/c/ecf310aaf256acbc8182189fe0aa1021c3ddef72

Trust: 1.0

url:https://git.kernel.org/stable/c/fc357e78176945ca7bcacf92ab794b9ccd41b4f4

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2024-50001

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-011746 // NVD: CVE-2024-50001

SOURCES

db:CNVDid:CNVD-2025-19350
db:JVNDBid:JVNDB-2024-011746
db:NVDid:CVE-2024-50001

LAST UPDATE DATE

2026-06-18T18:19:54.110000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-22T00:00:00
db:JVNDBid:JVNDB-2024-011746date:2024-11-01T03:02:00
db:NVDid:CVE-2024-50001date:2026-05-12T12:17:19.807

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-12T00:00:00
db:JVNDBid:JVNDB-2024-011746date:2024-11-01T00:00:00
db:NVDid:CVE-2024-50001date:2024-10-21T18:15:20.130