{ "id": "CVE-2023-3024", "sourceIdentifier": "product-security@silabs.com", "published": "2023-09-29T17:15:47.043", "lastModified": "2024-09-25T16:15:07.607", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access." }, { "lang": "es", "value": "Obligar a la pila Bluetooth LE a segmentar paquetes de \"prepare write response\" puede provocar un acceso a la memoria fuera de los l\u00edmites." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 }, { "source": "product-security@silabs.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.6, "impactScore": 4.2 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] }, { "source": "product-security@silabs.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-787" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478" }, { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB" }, { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272" }, { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC" }, { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D" }, { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE" }, { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42" }, { "vulnerable": false, "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.0.0", "versionEndExcluding": "6.0.0", "matchCriteriaId": "D3DE410C-55EC-4831-B7F1-66B341B1D760" } ] } ] } ], "references": [ { "url": "https://github.com/SiliconLabs/gecko_sdk", "source": "product-security@silabs.com", "tags": [ "Product" ] }, { "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ViQvHQAV/?operationContext=S1", "source": "product-security@silabs.com", "tags": [ "Permissions Required", "Vendor Advisory" ] } ] }