Multiple vulnerabilities in Silicon Labs Gecko OS

Published: 2024-06-24

Risk	Medium
Patch available	YES
Number of vulnerabilities	6
CVE-ID	CVE-2024-23973 CVE-2024-23938 CVE-2024-23937 CVE-2024-24731 CVE-2024-24736 CVE-2024-24737
CWE-ID	CWE-121 CWE-134 CWE-20 CWE-835
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	Gecko OS Operating systems & Components / Operating system
Vendor	Silicon Labs

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Stack-based buffer overflow

EUVDB-ID: #VU93096

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23973

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the handling of HTTP GET requests. A remote attacker on the local network can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Gecko OS: All versions

CPE2.3

cpe:2.3:o:silicon_labs:gecko_os:*:*:*:*:*:*:*:

External links

http://www.zerodayinitiative.com/advisories/ZDI-24-873/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Stack-based buffer overflow

EUVDB-ID: #VU93106

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23938

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the debug interface. A remote unauthenticated attacker on the local network can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Gecko OS: All versions

CPE2.3

cpe:2.3:o:silicon_labs:gecko_os:*:*:*:*:*:*:*:

External links

http://www.zerodayinitiative.com/advisories/ZDI-24-868/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Format string error

EUVDB-ID: #VU93104

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23937

CWE-ID: CWE-134 - Use of Externally-Controlled Format String

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a format string error within the debug interface. A remote attacker on the local network can supply a specially crafted input that contains format string specifiers and gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Gecko OS: All versions

CPE2.3

cpe:2.3:o:silicon_labs:gecko_os:*:*:*:*:*:*:*:

External links

http://www.zerodayinitiative.com/advisories/ZDI-24-869/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Stack-based buffer overflow

EUVDB-ID: #VU93101

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24731

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the implementation of the http_download command. A remote attacker on the local network can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Gecko OS: All versions

CPE2.3

cpe:2.3:o:silicon_labs:gecko_os:*:*:*:*:*:*:*:

External links

http://www.zerodayinitiative.com/advisories/ZDI-24-870/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Input validation error

EUVDB-ID: #VU93100

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24736

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Gecko OS: All versions

CPE2.3

cpe:2.3:o:silicon_labs:gecko_os:*:*:*:*:*:*:*:

External links

http://www.zerodayinitiative.com/advisories/ZDI-24-871/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Infinite loop

EUVDB-ID: #VU93099

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24737

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the processing of DNS responses. A remote attacker on the local network can consume all available system resources and cause denial of service conditions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Gecko OS: All versions

CPE2.3

cpe:2.3:o:silicon_labs:gecko_os:*:*:*:*:*:*:*:

External links

http://www.zerodayinitiative.com/advisories/ZDI-24-872/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.