cvedb.io
CVE-2025-2838
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2025-03-26T22:15:15.803 · Last modified 2026-06-17T09:07:42.590

Summary

Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DNS responses. The issue results from a logic error that can lead to an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-23392.

Affected products

silabs — gecko_os

Does this affect you?

Add your gear to cvedb and we'll alert you only when silabs ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.