ID

VAR-202411-2172


CVE

CVE-2024-53059


TITLE

Linux  of  Linux Kernel  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-013938

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() 1. The size of the response packet is not validated. 2. The response buffer is not freed. Resolve these issues by switching to iwl_mvm_send_cmd_status(), which handles both size validation and frees the buffer. Linux of Linux Kernel Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues

Trust: 2.16

sources: NVD: CVE-2024-53059 // JVNDB: JVNDB-2024-013938 // CNVD: CNVD-2025-19350

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-19350

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:eqversion:6.12

Trust: 1.8

vendor:linuxmodel:kernelscope:ltversion:5.4.285

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.229

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.16

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.1

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.11.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.5

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.2

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.6.60

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.1.116

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.15.171

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:6.2 that's all 6.6.60

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.16 that's all 6.1.116

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.11 that's all 5.15.171

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.1 that's all 5.4.285

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.7 that's all 6.11.7

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.5 that's all 5.10.229

Trust: 0.8

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.2

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-013938 // NVD: CVE-2024-53059

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-53059
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-53059
value: HIGH

Trust: 1.0

NVD: CVE-2024-53059
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-19350
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19350
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2024-53059
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2024-53059
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-013938 // NVD: CVE-2024-53059 // NVD: CVE-2024-53059

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-013938 // NVD: CVE-2024-53059

PATCH

title:Linux Kernel Archivesurl:https://git.kernel.org/stable/c/07a6e3b78a65f4b2796a8d0d4adb1a15a81edead

Trust: 0.8

title:Patch for Multiple vulnerabilities exist in third-party components of SIEMENS SINEC OS V3.2 and earlierurl:https://www.cnvd.org.cn/patchInfo/show/723061

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-013938

EXTERNAL IDS

db:NVDid:CVE-2024-53059

Trust: 2.6

db:SIEMENSid:SSA-355557

Trust: 1.6

db:SIEMENSid:SSA-265688

Trust: 1.0

db:ICS CERTid:ICSA-25-226-07

Trust: 0.8

db:JVNid:JVNVU92169998

Trust: 0.8

db:JVNDBid:JVNDB-2024-013938

Trust: 0.8

db:CNVDid:CNVD-2025-19350

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-013938 // NVD: CVE-2024-53059

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-355557.html

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Trust: 1.0

url:https://git.kernel.org/stable/c/64d63557ded6ff3ce72b18ab87a6c4b1b652161c

Trust: 1.0

url:https://git.kernel.org/stable/c/9480c3045f302f43f9910d2d556d6cf5a62c1822

Trust: 1.0

url:https://git.kernel.org/stable/c/45a628911d3c68e024eed337054a0452b064f450

Trust: 1.0

url:https://git.kernel.org/stable/c/3f45d590ccbae6dfd6faef54efe74c30bd85d3da

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Trust: 1.0

url:https://git.kernel.org/stable/c/9c98ee7ea463a838235e7a0e35851b38476364f2

Trust: 1.0

url:https://git.kernel.org/stable/c/3eb986c64c6bfb721950f9666a3b723cf65d043f

Trust: 1.0

url:https://git.kernel.org/stable/c/07a6e3b78a65f4b2796a8d0d4adb1a15a81edead

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Trust: 1.0

url:https://jvn.jp/vu/jvnvu92169998/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-53059

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-013938 // NVD: CVE-2024-53059

SOURCES

db:CNVDid:CNVD-2025-19350
db:JVNDBid:JVNDB-2024-013938
db:NVDid:CVE-2024-53059

LAST UPDATE DATE

2026-06-19T21:49:31.719000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-22T00:00:00
db:JVNDBid:JVNDB-2024-013938date:2025-08-21T05:39:00
db:NVDid:CVE-2024-53059date:2026-05-12T13:16:21.693

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-12T00:00:00
db:JVNDBid:JVNDB-2024-013938date:2024-12-04T00:00:00
db:NVDid:CVE-2024-53059date:2024-11-19T18:15:25.833