Cross site request forgery (csrf)

2023-03-2817:15:00

PRIOn knowledge base

www.prio-n.com

cross site request forgery

csrf

prepare write request

bluetooth le

memory

denial-of-service

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.1%

JSON

An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service.

CPENameOperatorVersion
gecko_software_development_kiteq5.1.0
gecko_software_development_kiteq5.1.1

CPE	Name	Operator	Version
	gecko_software_development_kit	eq	5.1.0
	gecko_software_development_kit	eq	5.1.1

References

github.com/SiliconLabs/gecko_sdk

siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000SMMyGQAX?operationContext=S1