Buffer Overflow Vulnerability in Realtek Linux/Android Bluetooth Mesh SDK

Buffer Overflow Vulnerability in Realtek Linux/Android Bluetooth Mesh SDK

CVE-2022-26528 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.