CVE-2022-24939

Description

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.

Related CPE's

a silabs zigbee_emberznet -*******

a silabs gecko_software_development_kit -*******

References

https://github.com/SiliconLabs/gecko_sdk

Third Party Advisory

https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000IWDCwQAP?operationContext=S1

Permissions RequiredVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io