13 matches found
EUVD-2023-44147
Malicious code in bioql PyPI...
CVE-2023-4041 Second Stage Gecko Bootloader GBL Parser Buffer Overrun Vulnerability
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM Firmware Update File Parser modules allows Code Injection, Authentication Bypass.This issue affects "Standalone...
CVE-2023-3488
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
CVE-2023-3488
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
Code injection
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
CVE-2023-3488 Uninitialized variable in Gecko Bootloader can leak secure stack
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
CVE-2023-3488 Uninitialized variable in Gecko Bootloader can leak secure stack
Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...
PT-2023-25045 · Silicon · Silicon Labs Gsdk
Name of the Vulnerable Software and Affected Versions: Silicon Labs GSDK versions 4.3.0 and earlier Description: The issue is related to an uninitialized buffer in the GBL parser, which allows an attacker to leak data from the Secure stack by using a malformed GBL file. Recommendations: For Silic...
CVE-2022-24936
Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade...
CVE-2022-24936
Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade...
Design/Logic Flaw
Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade...
CVE-2022-24936 Gecko Standalone Bootloader vulnerability may allow bypassing application secure boot in some Series 2 devices
Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade...
CVE-2022-24936
CVE-2022-24936 is a vulnerability in Silicon Labs Gecko Bootloader’s GBL parser, affecting Gecko Bootloader versions 4.0.1 and earlier. The issue is an out-of-bounds error in the GBL parser that could let an attacker overwrite critical flash keys (Sign key and OTA decryption key) through a malici...