Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.
References
Link | Resource |
---|---|
https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000Wi3HwQAJ?operationContext=S1 | Permissions Required |
https://github.com/SiliconLabs/gecko_sdk/releases | Release Notes |
Configurations
History
03 Aug 2023, 17:10
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-908 | |
CPE | cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
References | (MISC) https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000Wi3HwQAJ?operationContext=S1 - Permissions Required | |
References | (MISC) https://github.com/SiliconLabs/gecko_sdk/releases - Release Notes |
28 Jul 2023, 16:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-28 16:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-3488
Mitre link : CVE-2023-3488
CVE.ORG link : CVE-2023-3488
JSON object : View
Products Affected
silabs
- gecko_software_development_kit
CWE
CWE-908
Use of Uninitialized Resource