CVE-2022-26528

Published Aug 30, 2022

Last updated 6 months ago

CVSS medium 6.5

Overview

Description: Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.
Source: twcert@cert.org.tw
NVD status: Modified

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

twcert@cert.org.tw: CWE-120
nvd@nist.gov: CWE-120

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:realtek:bluetooth_mesh_software_development_kit:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63ABFA90-24E0-4607-BB05-90ECA0A7639C",
            "versionEndIncluding": "4.17-4.17-20220127"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References