CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32097 – Key duplication in GSDK
https://notcve.org/view.php?id=CVE-2023-32097
18 May 2023 — Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U19lGQAR?operationContext=S1 • CWE-14: Compiler Removal of Code to Clear Buffers •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32096 – Key duplication in GSDK
https://notcve.org/view.php?id=CVE-2023-32096
18 May 2023 — Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U19lGQAR?operationContext=S1 • CWE-14: Compiler Removal of Code to Clear Buffers •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2481 – Key duplication in GSDK
https://notcve.org/view.php?id=CVE-2023-2481
18 May 2023 — Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U19lGQAR?operationContext=S1 • CWE-14: Compiler Removal of Code to Clear Buffers •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1132 – Key duplication in GSDK
https://notcve.org/view.php?id=CVE-2023-1132
18 May 2023 — Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U19lGQAR?operationContext=S1 • CWE-14: Compiler Removal of Code to Clear Buffers •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0965 – Key duplication in GSDK
https://notcve.org/view.php?id=CVE-2023-0965
18 May 2023 — Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U19lGQAR?operationContext=S1 • CWE-14: Compiler Removal of Code to Clear Buffers •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0775 – Bluetooth LE Invalid prepare write request command leads to denial of service
https://notcve.org/view.php?id=CVE-2023-0775
28 Mar 2023 — An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service. • https://github.com/SiliconLabs/gecko_sdk • CWE-20: Improper Input Validation •