CVE-2022-24939

SiliconLabs/gecko_sdk

on github

Published

November 18, 2022

Severity

CVSS v3:

6.5 MEDIUM

CVSS v2:

N/A

Description

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.

References

https://github.com/SiliconLabs/gecko_sdk
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000IWDCwQAP?operationContext=S1

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:silabs:zigbee_emberznet:-:::::::*	n/a	n/a	-
cpe:2.3:a:silabs:gecko_software_development_kit:-:::::::*	n/a	n/a	-

External Links

NVD - CVE-2022-24939