CVE-2023-32096

Compiler removal of buffer clearing in slicryptotransparentaeadencrypttag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...

CVE-2023-32098 Key duplication in GSDK

Compiler removal of buffer clearing in slisesignmessage in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM...

PT-2023-16778 · Silicon · Gecko Platform Sdk

Name of the Vulnerable Software and Affected Versions: Silicon Labs Gecko Platform SDK versions 4.2.1 and earlier Description: The issue arises from the compiler removal of buffer clearing in the sli se driver key agreement function, leading to key material duplication to RAM. This results in a...

krb5: possible leak of sensitive data from krb5kdc using krb4 request

The Kerberos 4 support in KDC in MIT Kerberos 5 krb5kdc does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."...