An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.
References
Link | Resource |
---|---|
https://github.com/SiliconLabs/gecko_sdk/releases | Release Notes |
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm0000007rArIAI?operationContext=S1 | Permissions Required |
Configurations
History
25 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0. | |
CWE | CWE-327 |
03 Jan 2024, 17:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:* | |
CWE | CWE-203 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | () https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm0000007rArIAI?operationContext=S1 - Permissions Required | |
References | () https://github.com/SiliconLabs/gecko_sdk/releases - Release Notes | |
First Time |
Silabs gecko Software Development Kit
Silabs |
21 Dec 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-21 21:15
Updated : 2024-09-25 17:15
NVD link : CVE-2023-41097
Mitre link : CVE-2023-41097
CVE.ORG link : CVE-2023-41097
JSON object : View
Products Affected
silabs
- gecko_software_development_kit