ID

VAR-202410-3209


CVE

CVE-2024-49938


TITLE

Linux  of  Linux Kernel  Vulnerability in accessing uninitialized pointers in

Trust: 0.8

sources: JVNDB: JVNDB-2024-012555

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly just to reset the length to zero before resubmitting, so switch to calling __skb_set_length(skb, 0) directly. In addition, __skb_set_length() already contains a call to skb_reset_tail_pointer(), so remove the redundant call. The syzbot report came from ath9k_hif_usb_reg_in_cb(), but there's a similar usage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we're at it. Linux of Linux Kernel Exists in an uninitialized pointer access vulnerability.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues

Trust: 2.16

sources: NVD: CVE-2024-49938 // JVNDB: JVNDB-2024-012555 // CNVD: CNVD-2025-19350

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-19350

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:gteversion:6.11

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.16

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.10.14

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.6.55

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.1.113

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.2

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.227

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.11.3

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.15.168

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:5.11 that's all 5.15.168

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.16 that's all 6.1.113

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.2 that's all 6.6.55

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.10.227

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.7 that's all 6.10.14

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.11 that's all 6.11.3

Trust: 0.8

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.2

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012555 // NVD: CVE-2024-49938

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-49938
value: MEDIUM

Trust: 1.0

NVD: CVE-2024-49938
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-19350
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19350
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2024-49938
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2024-49938
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012555 // NVD: CVE-2024-49938

PROBLEMTYPE DATA

problemtype:CWE-824

Trust: 1.0

problemtype:Accessing uninitialized pointers (CWE-824) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-012555 // NVD: CVE-2024-49938

PATCH

title:Use __skb_set_length() for resetting urb before resubmit (e6b9bf3) Linux Kernelurl:https://git.kernel.org/stable/c/012ae530afa0785102360de452745d33c99a321b

Trust: 0.8

title:Patch for Multiple vulnerabilities exist in third-party components of SIEMENS SINEC OS V3.2 and earlierurl:https://www.cnvd.org.cn/patchInfo/show/723061

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012555

EXTERNAL IDS

db:NVDid:CVE-2024-49938

Trust: 2.6

db:SIEMENSid:SSA-355557

Trust: 1.6

db:SIEMENSid:SSA-265688

Trust: 1.0

db:JVNDBid:JVNDB-2024-012555

Trust: 0.8

db:CNVDid:CNVD-2025-19350

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012555 // NVD: CVE-2024-49938

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-355557.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Trust: 1.0

url:https://git.kernel.org/stable/c/6a875220670475d9247e576c15dc29823100a4e4

Trust: 1.0

url:https://git.kernel.org/stable/c/e6b9bf32e0695e4f374674002de0527d2a6768eb

Trust: 1.0

url:https://git.kernel.org/stable/c/a9f4e28e8adaf0715bd4e01462af0a52ee46b01f

Trust: 1.0

url:https://git.kernel.org/stable/c/2c230210ec0ae6ed08306ac70dc21c24b817bb95

Trust: 1.0

url:https://git.kernel.org/stable/c/b02eb7c86ff2ef1411c3095ec8a52b13f68db04f

Trust: 1.0

url:https://git.kernel.org/stable/c/94745807f3ebd379f23865e6dab196f220664179

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Trust: 1.0

url:https://git.kernel.org/stable/c/d1f2fbc6a769081503f6ffedbb5cd1ac497f0e77

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Trust: 1.0

url:https://git.kernel.org/stable/c/e37e348835032d6940ec89308cc8996ded691d2d

Trust: 1.0

url:https://git.kernel.org/stable/c/012ae530afa0785102360de452745d33c99a321b

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2024-49938

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012555 // NVD: CVE-2024-49938

SOURCES

db:CNVDid:CNVD-2025-19350
db:JVNDBid:JVNDB-2024-012555
db:NVDid:CVE-2024-49938

LAST UPDATE DATE

2026-06-19T20:16:30.691000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-22T00:00:00
db:JVNDBid:JVNDB-2024-012555date:2024-11-14T02:41:00
db:NVDid:CVE-2024-49938date:2026-05-12T12:17:18.090

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-12T00:00:00
db:JVNDBid:JVNDB-2024-012555date:2024-11-14T00:00:00
db:NVDid:CVE-2024-49938date:2024-10-21T18:15:15.547