Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-6057-1cd0d-1.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
05 Jul 2022, 20:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:realtek:rtl8156b:-:*:*:*:*:*:*:* cpe:2.3:o:realtek:rtl8154_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:realtek:rtl8156:-:*:*:*:*:*:*:* cpe:2.3:o:realtek:rtl8154b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:realtek:rtl8156b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:realtek:rtl8156_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:realtek:rtl8152b:-:*:*:*:*:*:*:* cpe:2.3:o:realtek:rtl8153b_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:realtek:rtl8153:-:*:*:*:*:*:*:* cpe:2.3:h:realtek:rtl8154:-:*:*:*:*:*:*:* cpe:2.3:o:realtek:rtl8153_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:realtek:rtl8153b:-:*:*:*:*:*:*:* cpe:2.3:o:realtek:rtl8152b_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:realtek:rtl8154b:-:*:*:*:*:*:*:* |
|
First Time |
Realtek rtl8154b
Realtek rtl8152b Firmware Realtek rtl8153b Firmware Realtek rtl8154 Realtek rtl8152b Realtek rtl8153 Firmware Realtek Realtek rtl8156b Realtek rtl8153b Realtek rtl8156 Firmware Realtek rtl8156 Realtek rtl8156b Firmware Realtek rtl8153 Realtek rtl8154b Firmware Realtek rtl8154 Firmware |
|
CWE | CWE-120 | |
References | (MISC) https://www.twcert.org.tw/tw/cp-132-6057-1cd0d-1.html - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 3.3
v3 : 6.5 |
20 Jun 2022, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-20 06:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-21742
Mitre link : CVE-2022-21742
CVE.ORG link : CVE-2022-21742
JSON object : View
Products Affected
realtek
- rtl8156_firmware
- rtl8152b_firmware
- rtl8153b_firmware
- rtl8154
- rtl8153
- rtl8153b
- rtl8152b
- rtl8153_firmware
- rtl8156b
- rtl8154b_firmware
- rtl8154b
- rtl8156
- rtl8154_firmware
- rtl8156b_firmware
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')