Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access.
References
Link | Resource |
---|---|
https://github.com/SiliconLabs/gecko_sdk | Product |
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ViQvHQAV/?operationContext=S1 | Permissions Required Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
25 Sep 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 |
06 Oct 2023, 13:22
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Qualcomm
Qualcomm aqt1000 Silabs Qualcomm wsa8835 Qualcomm wsa8830 Qualcomm wcd9375 Qualcomm csrb31024 Silabs gecko Software Development Kit Qualcomm wcd9385 Qualcomm wcd9380 Qualcomm wcd9370 |
|
CPE | cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:* cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:* |
|
CWE | CWE-119 | |
References | (MISC) https://github.com/SiliconLabs/gecko_sdk - Product | |
References | (MISC) https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ViQvHQAV/?operationContext=S1 - Permissions Required, Vendor Advisory |
29 Sep 2023, 17:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-29 17:15
Updated : 2024-09-25 16:15
NVD link : CVE-2023-3024
Mitre link : CVE-2023-3024
CVE.ORG link : CVE-2023-3024
JSON object : View
Products Affected
qualcomm
- wcd9385
- wsa8835
- wcd9375
- wsa8830
- wcd9380
- aqt1000
- csrb31024
- wcd9370
silabs
- gecko_software_development_kit