CVE-2024-3017

In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor (RCP) causes the OpenThread Border Router(OTBR) application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://community.silabs.com/069Vm000007UEhZIAW
https://github.com/SiliconLabs/simplicity_sdk
https://community.silabs.com/069Vm000007UEhZIAW
https://github.com/SiliconLabs/simplicity_sdk

Configurations

No configuration.

History

16 Sep 2025, 16:15

Type	Values Removed	Values Added
CWE	~~CWE-119~~	CWE-125

21 Nov 2024, 09:28

Type	Values Removed	Values Added
Summary		(es) En una puerta de enlace multiprotocolo de Silicon Labs, un puntero corrupto a datos almacenados en un búfer en un coprocesador de radio multiprotocolo (RCP) hace que la tarea de la aplicación OpenThread Border Router (OTBR) que se ejecuta en la plataforma host falle, lo que permite que un atacante cause una denegación temporal de servicio.
References	~~() https://community.silabs.com/069Vm000007UEhZIAW -~~	() https://community.silabs.com/069Vm000007UEhZIAW -
References	~~() https://github.com/SiliconLabs/simplicity_sdk -~~	() https://github.com/SiliconLabs/simplicity_sdk -

27 Jun 2024, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-27 19:15

Updated : 2025-09-16 16:15

NVD link : CVE-2024-3017

Mitre link : CVE-2024-3017

CVE.ORG link : CVE-2024-3017

JSON object : View

Products Affected

No product.

CWE

CWE-125

Out-of-bounds Read

6.5 /10