Description
Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.twcert.org.tw/tw/cp-132-6057-1cd0d-1.html
Scores
CVSS v3
6.2
EPSS
0.0014
EPSS Percentile
33.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-120
Status
published
Products (7)
realtek/rtl8152b_firmware
7.42 - 7.53
realtek/rtl8153_firmware
7.42 - 7.53
realtek/rtl8153b_firmware
7.42 - 7.53
realtek/rtl8154_firmware
7.42 - 7.53
realtek/rtl8154b_firmware
7.42 - 7.53
realtek/rtl8156_firmware
7.42 - 7.53
realtek/rtl8156b_firmware
7.42 - 7.53
Published
Jun 20, 2022
Tracked Since
Feb 18, 2026