Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Key duplication in GSDK
Vulnerability Description
Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
编译器移除释放缓冲区的代码
Vulnerability Title
Silicon Labs Gecko SDK 安全漏洞
Vulnerability Description
Silicon Labs Gecko SDK(GSDK)是Silicon Labs开源的一个库。将 Silicon Labs 无线软件开发工具包(SDK)和 Gecko 平台结合为一个集成的软件包。 Silicon Labs Gecko SDK 4.2.1及之前版本存在安全漏洞,该漏洞源于sli_se_sign_hash中清除缓冲区的操作,会导致密钥材料复制到RAM中。
CVSS Information
N/A
Vulnerability Type
N/A