ID

VAR-202411-0905


CVE

CVE-2024-50251


TITLE

Linux  of  Linux Kernel  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-012801

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed. Linux of Linux Kernel Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues

Trust: 2.16

sources: NVD: CVE-2024-50251 // JVNDB: JVNDB-2024-012801 // CNVD: CNVD-2025-19350

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-19350

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:eqversion:6.12

Trust: 1.8

vendor:linuxmodel:kernelscope:ltversion:5.4.285

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.323

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.229

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.16

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.5

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.11.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.5

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.2

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.6.60

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.20

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.1.116

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.15.171

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:6.2 that's all 6.6.60

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:4.5 that's all 4.19.323

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.16 that's all 6.1.116

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.11 that's all 5.15.171

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:4.20 that's all 5.4.285

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.7 that's all 6.11.7

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.5 that's all 5.10.229

Trust: 0.8

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.2

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012801 // NVD: CVE-2024-50251

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-50251
value: MEDIUM

Trust: 1.0

NVD: CVE-2024-50251
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-19350
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19350
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2024-50251
baseSeverity: MEDIUM
baseScore: 6.2
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.5
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2024-50251
baseSeverity: MEDIUM
baseScore: 6.2
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012801 // NVD: CVE-2024-50251

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-012801 // NVD: CVE-2024-50251

PATCH

title:Linux Kernel Archivesurl:https://git.kernel.org/stable/c/0ab3be58b45b996764aba0187b46de19b3e58a72

Trust: 0.8

title:Patch for Multiple vulnerabilities exist in third-party components of SIEMENS SINEC OS V3.2 and earlierurl:https://www.cnvd.org.cn/patchInfo/show/723061

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012801

EXTERNAL IDS

db:NVDid:CVE-2024-50251

Trust: 2.6

db:SIEMENSid:SSA-355557

Trust: 1.6

db:SIEMENSid:SSA-265688

Trust: 1.0

db:SIEMENSid:SSA-398330

Trust: 1.0

db:ICS CERTid:ICSA-25-226-07

Trust: 0.8

db:JVNid:JVNVU92169998

Trust: 0.8

db:JVNDBid:JVNDB-2024-012801

Trust: 0.8

db:CNVDid:CNVD-2025-19350

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012801 // NVD: CVE-2024-50251

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-355557.html

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Trust: 1.0

url:https://git.kernel.org/stable/c/ac7df3fc80fc82bcc3b1e8f6ebc0d2c435d0c534

Trust: 1.0

url:https://github.com/slavin-ayu/cve-2024-50251-poc

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Trust: 1.0

url:https://git.kernel.org/stable/c/d3217323525f7596427124359e76ea0d8fcc9874

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-398330.html

Trust: 1.0

url:https://git.kernel.org/stable/c/d5953d680f7e96208c29ce4139a0e38de87a57fe

Trust: 1.0

url:https://git.kernel.org/stable/c/b1d2de8a669fa14c499a385e056944d5352b3b40

Trust: 1.0

url:https://git.kernel.org/stable/c/c43e0ea848e7b9bef7a682cbc5608022d6d29d7b

Trust: 1.0

url:https://git.kernel.org/stable/c/a661ed364ae6ae88c2fafa9ddc27df1af2a73701

Trust: 1.0

url:https://git.kernel.org/stable/c/e3e608cbad376674d19a71ccd0d41804d9393f02

Trust: 1.0

url:https://git.kernel.org/stable/c/0ab3be58b45b996764aba0187b46de19b3e58a72

Trust: 1.0

url:https://jvn.jp/vu/jvnvu92169998/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-50251

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-012801 // NVD: CVE-2024-50251

SOURCES

db:CNVDid:CNVD-2025-19350
db:JVNDBid:JVNDB-2024-012801
db:NVDid:CVE-2024-50251

LAST UPDATE DATE

2026-06-19T21:42:40.165000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-22T00:00:00
db:JVNDBid:JVNDB-2024-012801date:2025-08-21T04:56:00
db:NVDid:CVE-2024-50251date:2026-05-12T13:16:20.030

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-12T00:00:00
db:JVNDBid:JVNDB-2024-012801date:2024-11-15T00:00:00
db:NVDid:CVE-2024-50251date:2024-11-09T11:15:10.900