CVE-2023-0775

MEDIUM

Silabs Gecko Software Development Kit - Denial of Service via Invalid Prepare Write Request

Title source: llm

Description

An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service.

References (2)

Core 2

Core References

Product

https://github.com/SiliconLabs/gecko_sdk

Permissions Required

https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000SMMyGQAX?operationContext=S1

Scores

CVSS v3 6.5

EPSS 0.0031

EPSS Percentile 23.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-20

Status published

Products (2)

silabs/gecko_software_development_kit 5.1.0

silabs/gecko_software_development_kit 5.1.1

Published Mar 28, 2023

Tracked Since Feb 18, 2026