CVE-2023-41097

CVSS V2 None CVSS V3 None

Description

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.

Overview

CVE ID
CVE-2023-41097

Assigner
Silabs

Vulnerability Status
PUBLISHED

Published Version
2023-12-21T20:33:04.967Z

Last Modified Date
2023-12-21T20:33:04.967Z

Weakness Enumerations

CWE	URL
CWE-208	http://cwe.mitre.org/data/definitions/208.html
CWE-385	http://cwe.mitre.org/data/definitions/385.html

References

Reference URL	Reference Tags
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm0000007rArIAI?operationContext=S1	vendor-advisory
https://github.com/SiliconLabs/gecko_sdk/releases	patch

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-41097
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41097

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 03:43:51				Added to TrackCVE