Vulnerability Details CVE-2022-20021
In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198513; Issue ID: ALPS06198513.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.3
References
Products affected by CVE-2022-20021
-
cpe:2.3:h:mediatek:awus036nh:-
-
cpe:2.3:h:mediatek:mt6580:-
-
cpe:2.3:h:mediatek:mt6630:-
-
cpe:2.3:h:mediatek:mt6735:-
-
cpe:2.3:h:mediatek:mt6737:-
-
cpe:2.3:h:mediatek:mt6739:-
-
cpe:2.3:h:mediatek:mt6750s:-
-
cpe:2.3:h:mediatek:mt6753:-
-
cpe:2.3:h:mediatek:mt6755s:-
-
cpe:2.3:h:mediatek:mt6757:-
-
cpe:2.3:h:mediatek:mt6757c:-
-
cpe:2.3:h:mediatek:mt6757cd:-
-
cpe:2.3:h:mediatek:mt6757ch:-
-
cpe:2.3:h:mediatek:mt6763:-
-
cpe:2.3:h:mediatek:mt6771:-
-
cpe:2.3:h:mediatek:mt7662t:-
-
cpe:2.3:h:mediatek:mt7663:-
-
cpe:2.3:h:mediatek:mt7668:-
-
cpe:2.3:h:mediatek:mt8163:-
-
cpe:2.3:h:mediatek:mt8167:-
-
cpe:2.3:h:mediatek:mt8167s:-
-
cpe:2.3:h:mediatek:mt8173:-
-
cpe:2.3:h:mediatek:mt8183:-
-
cpe:2.3:h:mediatek:mt8321:-
-
cpe:2.3:h:mediatek:mt8362a:-
-
cpe:2.3:h:mediatek:mt8362b:-
-
cpe:2.3:h:mediatek:mt8385:-
-
cpe:2.3:h:mediatek:mt8765:-
-
cpe:2.3:h:mediatek:mt8788:-
-
cpe:2.3:o:google:android:10.0
-
cpe:2.3:o:google:android:11.0