First published: Tue Aug 30 2022
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation of segmented packets’ link parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause a buffer overflow and disrupt service.
Credit: twcert@cert.org.tw
Affected Software | Affected Version | How to fix |
---|---|---|
Realtek Bluetooth Mesh Software Development Kit | <=4.17-4.17-20220127 | |
Google Android | | |
Linux Linux kernel | | |
Realtek Linux/Android Bluetooth Mesh SDK v4.18-4.18-20220218
CVE-2022-26529 is a buffer overflow vulnerability in Realtek Linux/Android Bluetooth Mesh SDK.
The severity of CVE-2022-26529 is medium with a severity value of 6.5.
CVE-2022-26529 affects Realtek Bluetooth Mesh Software Development Kit version 4.17-4.17-20220127.
An unauthenticated attacker in the adjacent network can exploit CVE-2022-26529 to cause a buffer overflow and disrupt service.
No, Google Android and Linux Linux kernel are not vulnerable to CVE-2022-26529.