First published: Thu Nov 17 2022(Updated: )
A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.
Credit: product-security@silabs.com
Affected Software | Affected Version | How to fix |
---|---|---|
Silabs Gecko Software Development Kit | ||
Silabs Zigbee Emberznet |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2022-24939.
The severity of CVE-2022-24939 is medium.
The Silabs Gecko Software Development Kit and Silabs Zigbee Emberznet are affected by CVE-2022-24939.
The CWE for CVE-2022-24939 is CWE-787 and CWE-119.
There is no specific fix mentioned for CVE-2022-24939. It is recommended to follow the guidance provided by Silabs and keep the affected software up to date.