CVE-2023-1132 – Key duplication in GSDK
https://notcve.org/view.php?id=CVE-2023-1132
Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U19lGQAR?operationContext=S1 https://github.com/SiliconLabs/gecko_sdk • CWE-14: Compiler Removal of Code to Clear Buffers •
CVE-2023-0965 – Key duplication in GSDK
https://notcve.org/view.php?id=CVE-2023-0965
Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U19lGQAR?operationContext=S1 https://github.com/SiliconLabs/gecko_sdk • CWE-14: Compiler Removal of Code to Clear Buffers •
CVE-2023-0775 – Bluetooth LE Invalid prepare write request command leads to denial of service
https://notcve.org/view.php?id=CVE-2023-0775
An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service. • https://github.com/SiliconLabs/gecko_sdk https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000SMMyGQAX?operationContext=S1 • CWE-20: Improper Input Validation •
CVE-2023-1262 – Missing MAC layer security in Wi-SUN Linux Border Router
https://notcve.org/view.php?id=CVE-2023-1262
Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000SMyfRQAT?operationContext=S1 https://github.com/SiliconLabs/wisun-br-linux • CWE-862: Missing Authorization •
CVE-2023-1261 – Missing MAC layer security in Wi-SUN SDK
https://notcve.org/view.php?id=CVE-2023-1261
Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earlier allows malicious node to route malicious messages through network. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000SMyfRQAT?operationContext=S1 https://github.com/SiliconLabs/gecko_sdk • CWE-862: Missing Authorization •