In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608.
Attack Vector Adjacent Network
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High
User Interaction None
No CVSS v3.0
Access Vector Adjacent Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
AV:A/AC:L/Au:N/C:N/I:N/A:P
Vendors | Products |
---|---|
Mediatek |
|
|
Configuration 1 [-]
AND |
|
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/January-2022 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: MediaTek
Published: 2022-01-04T15:57:24
Updated: 2022-01-04T15:57:24
Reserved: 2021-10-12T00:00:00
Link: CVE-2022-20023
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-01-04T16:15:10.703
Modified: 2022-01-11T19:17:38.807
Link: CVE-2022-20023
JSON object: View
Redhat Information
No data.
CWE