Bluetooth Flooding Vulnerability in MediaTek Devices
CVE-2022-20023

6.5MEDIUM

Key Information:

Vendor
MediaTek
Status
Mt6580, Mt6630, Mt6735, Mt6737, Mt6739, Mt6750s, Mt6753, Mt6755s, Mt6757, Mt6757c, Mt6757cd, Mt6757ch, Mt6761, Mt6762, Mt6763, Mt6765, Mt6768, Mt6771, Mt6779, Mt6785, Mt6833, Mt6853, Mt6853t, Mt6873, Mt6877, Mt6885, Mt6889, Mt6893, Mt7662t, Mt7663, Mt7668, Mt7915, Mt7920, Mt7921, Mt7922, Mt8163, Mt8167, Mt8167s, Mt8168, Mt8173, Mt8175, Mt8183, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8362b, Mt8365, Mt8385, Mt8765, Mt8766, Mt8768, Mt8786, Mt8788, Mt8789, Mt8791, Mt8797
Vendor
CVE Published:
4 January 2022

Summary

This vulnerability involves a scenario where Bluetooth-enabled devices can be flooded with unexpected LMP_AU_rand packets, potentially causing the application to crash. With no additional execution privileges required, attackers can exploit this issue remotely, making user interaction unnecessary. This denial of service attack can compromise Bluetooth functionality, highlighting the need for timely updates and security patches to mitigate risks.

Affected Version(s)

MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT7662T, MT7663, MT7668, MT7915, MT7920, MT7921, MT7922, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8362B, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 Android 10.0, 11.0

References

https://corp.mediatek.com/product-security-bulletin/Janua...
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.