CVE-2024-3017

In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor (RCP) causes the OpenThread Border Router(OTBR) application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://community.silabs.com/069Vm000007UEhZIAW
https://github.com/SiliconLabs/simplicity_sdk
https://community.silabs.com/069Vm000007UEhZIAW
https://github.com/SiliconLabs/simplicity_sdk

Configurations

No configuration.

History

21 Nov 2024, 09:28

Type	Values Removed	Values Added
References	~~() https://community.silabs.com/069Vm000007UEhZIAW -~~	() https://community.silabs.com/069Vm000007UEhZIAW -
References	~~() https://github.com/SiliconLabs/simplicity_sdk -~~	() https://github.com/SiliconLabs/simplicity_sdk -
Summary		(es) En una puerta de enlace multiprotocolo de Silicon Labs, un puntero corrupto a datos almacenados en un búfer en un coprocesador de radio multiprotocolo (RCP) hace que la tarea de la aplicación OpenThread Border Router (OTBR) que se ejecuta en la plataforma host falle, lo que permite que un atacante cause una denegación temporal de servicio.

27 Jun 2024, 19:25

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-27 19:15

Updated : 2024-11-21 09:28

NVD link : CVE-2024-3017

Mitre link : CVE-2024-3017

CVE.ORG link : CVE-2024-3017

JSON object : View

Products Affected

No product.

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

6.5 /10