CVE-2022-21742

Summary

Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services.

Affected Software

VendorProductVersion RangeStatus
RealtekUSB FE/1GbE/2.5GbE/5GbE NIC Family10.28 <= 10.39affected
RealtekUSB FE/1GbE/2.5GbE/5GbE NIC Family8.49 <= 8.60affected
RealtekUSB FE/1GbE/2.5GbE/5GbE NIC Family7.42 <= 7.53affected

Weaknesses

  • CWE-120: CWE-120 Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References