CVE-2022-24939

Опубликовано: 18 нояб. 2022

Источник: nvd

CVSS3: 5.7

CVSS3: 6.5

EPSS Низкий

Описание

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.

Ссылки

https://github.com/SiliconLabs/gecko_sdk
Third Party Advisory
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000IWDCwQAP?operationContext=S1
Permissions Required
Vendor Advisory
https://github.com/SiliconLabs/gecko_sdk
Third Party Advisory
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000IWDCwQAP?operationContext=S1
Permissions Required
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:silabs:gecko_software_development_kit:-:*:*:*:*:*:*:*

cpe:2.3:a:silabs:zigbee_emberznet:-:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00138

Низкий

5.7 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-119

CWE-787

Связанные уязвимости

GHSA-q35w-7696-fc7r

CVSS3: 6.5

github

около 3 лет назад

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.

EPSS

Процентиль: 34%

0.00138

Низкий

5.7 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-119

CWE-787