CVE-2024-0240

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

A

memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be exhausted when sending notifications to multiple clients, this results in all Bluetooth operations, such as advertising and scanning, to stop.

References

Link	Resource
https://community.silabs.com/069Vm000001AjEfIAK	Permissions Required
https://github.com/SiliconLabs/gecko_sdk	Product
https://community.silabs.com/069Vm000001AjEfIAK	Permissions Required
https://github.com/SiliconLabs/gecko_sdk	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:*

History

05 Feb 2025, 22:37

Type	Values Removed	Values Added
First Time		Silabs Silabs gecko Software Development Kit
References	~~() https://community.silabs.com/069Vm000001AjEfIAK -~~	() https://community.silabs.com/069Vm000001AjEfIAK - Permissions Required
References	~~() https://github.com/SiliconLabs/gecko_sdk -~~	() https://github.com/SiliconLabs/gecko_sdk - Product
CPE		cpe:2.3:a:silabs:gecko_software_development_kit::::::::

21 Nov 2024, 08:46

Type	Values Removed	Values Added
References	~~() https://community.silabs.com/069Vm000001AjEfIAK -~~	() https://community.silabs.com/069Vm000001AjEfIAK -
References	~~() https://github.com/SiliconLabs/gecko_sdk -~~	() https://github.com/SiliconLabs/gecko_sdk -

25 Sep 2024, 17:15

Type	Values Removed	Values Added
CWE	~~CWE-400~~	CWE-401

Information

Published : 2024-02-15 21:15

Updated : 2025-02-05 22:37

NVD link : CVE-2024-0240

Mitre link : CVE-2024-0240

CVE.ORG link : CVE-2024-0240

JSON object : View

Products Affected

gecko_software_development_kit

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

{"id": "CVE-2024-0240", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-02-15T21:15:08.673", "references": [{"url": "https://community.silabs.com/069Vm000001AjEfIAK", "tags": ["Permissions Required"], "source": "[email protected]"}, {"url": "https://github.com/SiliconLabs/gecko_sdk", "tags": ["Product"], "source": "[email protected]"}, {"url": "https://community.silabs.com/069Vm000001AjEfIAK", "tags": ["Permissions Required"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/SiliconLabs/gecko_sdk", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-401"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-401"}]}], "descriptions": [{"lang": "en", "value": "A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be exhausted when sending notifications to multiple clients, this results in all Bluetooth operations, such as advertising and scanning, to stop."}, {"lang": "es", "value": "Una p\u00e9rdida de memoria en la pila Bluetooth de Silicon Labs para productos EFR32 puede provocar que la memoria se agote al enviar notificaciones a varios clientes, lo que provoca que se detengan todas las operaciones de Bluetooth, como la publicidad y el escaneo."}], "lastModified": "2025-02-05T22:37:50.810", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F092FC23-87F8-4D0F-B12C-90CD70E79D8B", "versionEndExcluding": "4.3.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}