CVE-2024-6657 – BLE peripheral DoS after few cycles of connect/disconnects
https://notcve.org/view.php?id=CVE-2024-6657
A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. A hard reset is required to recover the peripheral device. • https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm00000E9IIbIAN?operationContext=S1 https://community.silabs.com/068Vm00000FfVNN • CWE-821: Incorrect Synchronization •
CVE-2024-2502 – Failure to update the tamper reset cause register when a tamper event occurs
https://notcve.org/view.php?id=CVE-2024-2502
An application can be configured to block boot attempts after consecutive tamper resets are detected, which may not occur as expected. This is possible because the TAMPERRSTCAUSE register may not be properly updated when a level 4 tamper event (a tamper reset) occurs. This impacts Series 2 HSE-SVH devices, including xG23B, xG24B, xG25B, and xG28B, but does not impact xG21B. To mitigate this issue, upgrade to SE Firmware version 2.2.6 or later. • https://community.silabs.com/sfc/servlet.shepherd/document/download/069Vm00000BYb5HIAT?operationContext=S1 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2024-3017 – Denial of service in multi-protocol gateway - Zigbee + Thread
https://notcve.org/view.php?id=CVE-2024-3017
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor (RCP) causes the OpenThread Border Router(OTBR) application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service. • https://community.silabs.com/069Vm000007UEhZIAW https://github.com/SiliconLabs/simplicity_sdk • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2024-3043 – Zigbee co-ordinator realignment packet may lead to denial of service
https://notcve.org/view.php?id=CVE-2024-3043
An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee nodes to change their network identifier (pan ID), leading to a denial of service. This packet type is not useful in production and should be used only for PHY qualification. • https://community.silabs.com/069Vm000005UCH0IAO https://github.com/SiliconLabs/gecko_sdk • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVE-2024-4013 – Failure to update BT Mesh Replay Protection List
https://notcve.org/view.php?id=CVE-2024-4013
A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection List (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme was changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#. Existe un error en la API, mesh_node_power_off(), que no puede copiar el contenido de la Lista de protección de reproducción (RPL) de la RAM a la NVM antes de apagarse, lo que da como resultado la capacidad de reproducir mensajes no guardados. Tenga en cuenta que a partir de junio de 2024, el SDK de Gecko pasó a llamarse Simplicity SDK y el esquema de versiones se cambió de Gecko SDK vX.YZ a Simplicity SDK AAAA.MM.Patch#. • https://community.silabs.com/068Vm000006rR53 https://github.com/SiliconLabs/gecko_sdk/releases • CWE-404: Improper Resource Shutdown or Release •