Gecko Software Development Kit Security Vulnerabilities and Issues — Gecko Software Development Kit CVE List

Lucene search

SilabsGecko Software Development Kit

12 matches found

CVE•added 2023/12/21 9:15 p.m.•46 views

CVE-2023-41097

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.

7.5CVSS5.8AI score0.00107EPSS

CVE•added 2024/02/02 4:15 p.m.•46 views

CVE-2023-6387

A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution

7.5CVSS8AI score0.03196EPSS

CVE•added 2023/05/18 7:15 p.m.•42 views

CVE-2023-32100

Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

7.5CVSS6.3AI score0.00086EPSS

CVE•added 2023/05/18 7:15 p.m.•39 views

CVE-2023-32099

Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

7.5CVSS6.3AI score0.00086EPSS

CVE•added 2023/05/18 7:15 p.m.•38 views

CVE-2023-32097

Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

7.5CVSS5.7AI score0.00082EPSS

CVE•added 2023/05/18 7:15 p.m.•37 views

CVE-2023-0965

Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

7.5CVSS5.7AI score0.0007EPSS

CVE•added 2023/05/18 7:15 p.m.•37 views

CVE-2023-32098

Compiler removal of buffer clearing in sli_se_sign_message in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

7.5CVSS6.3AI score0.00086EPSS

CVE•added 2023/05/18 7:15 p.m.•36 views

CVE-2023-2481

Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

7.5CVSS6.3AI score0.00086EPSS

CVE•added 2023/05/18 7:15 p.m.•36 views

CVE-2023-32096

Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

7.5CVSS5.7AI score0.00082EPSS

CVE•added 2024/02/05 6:15 p.m.•35 views

CVE-2023-6874

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number

7.5CVSS7.3AI score0.00059EPSS

CVE•added 2023/05/18 7:15 p.m.•32 views

CVE-2023-1132

Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

7.5CVSS6.3AI score0.00073EPSS

CVE•added 2024/02/21 7:15 p.m.•32 views

CVE-2024-22473

TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure Vault (VSE) devices. This defect may allow Signature Spoofing by Key Recreation.This issue affects Gecko SDK through v4.4.0.

7.5CVSS6.6AI score0.00067EPSS