Vulnerabilities (CVE)

Filtered by vendor Silabs Subscribe
Filtered by product Gecko Software Development Kit
Total 27 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-1132 1 Silabs 1 Gecko Software Development Kit 2024-02-28 N/A 7.5 HIGH
Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.
CVE-2023-2481 1 Silabs 1 Gecko Software Development Kit 2024-02-28 N/A 7.5 HIGH
Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.
CVE-2023-32097 1 Silabs 1 Gecko Software Development Kit 2024-02-28 N/A 7.5 HIGH
Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.
CVE-2023-0775 1 Silabs 1 Gecko Software Development Kit 2024-02-28 N/A 6.5 MEDIUM
An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service.
CVE-2023-32100 1 Silabs 1 Gecko Software Development Kit 2024-02-28 N/A 7.5 HIGH
Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.
CVE-2023-32099 1 Silabs 1 Gecko Software Development Kit 2024-02-28 N/A 7.5 HIGH
Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.
CVE-2022-24939 1 Silabs 2 Gecko Software Development Kit, Zigbee Emberznet 2024-02-28 N/A 6.5 MEDIUM
 A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.