CVE-2024-8361

Name of the Vulnerable Software and Affected Versions SiWx91x devices (affected versions not specified)

Description The issue is related to the SHA2/224 algorithm, which returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, causing a Denial of Service (DoS). If a watchdog is implemented, the device will restart after the watchdog expires. If a watchdog is not implemented, the device can only be recovered after a hard reset.

Recommendations For SiWx91x devices, consider implementing a watchdog to allow for automatic restart after a Denial of Service occurs. As a temporary workaround, avoid using the SHA2/224 algorithm until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.