Vulnerability Details CVE-2022-26528
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.4%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2022-26528
-
cpe:2.3:a:realtek:bluetooth_mesh_software_development_kit:*
-
cpe:2.3:o:google:android:-
-
cpe:2.3:o:linux:linux_kernel:-