| TVN ID | TVN-202205003 |
|---|---|
| CVE ID | CVE-2022-26528 |
| CVSS | 6.5 (Medium) CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Affected Products | Realtek Linux/Android Bluetooth Mesh SDK older than v4.17-4.17-20220127 |
| Description | Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. |
| Solution | Realtek Linux/Android Bluetooth Mesh SDK v4.18-4.18-20220218 |
| Credit | Realtek |
| Public Date | 2022-08-30 |
:::