CVE-2023-22656

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-22656
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-22656.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-22656
Related
Published
2024-05-16T21:15:50Z
Modified
2024-11-21T18:57:20.115026Z
Summary
[none]
Details

Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

Affected packages

Debian:11 / intel-mediasdk

Package

Name
intel-mediasdk
Purl
pkg:deb/debian/intel-mediasdk?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

21.*

21.1.0-1
21.3.2-1
21.3.4-1

22.*

22.1.0-1
22.3.0-1
22.5.4-1

Ecosystem specific

{
    "urgency": "end-of-life"
}

Debian:12 / intel-mediasdk

Package

Name
intel-mediasdk
Purl
pkg:deb/debian/intel-mediasdk?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

22.*

22.5.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / onevpl-intel-gpu

Package

Name
onevpl-intel-gpu
Purl
pkg:deb/debian/onevpl-intel-gpu?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

22.*

22.6.4-1

23.*

23.2.3-1

24.*

24.3.3-1
24.3.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / onevpl-intel-gpu

Package

Name
onevpl-intel-gpu
Purl
pkg:deb/debian/onevpl-intel-gpu?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.3.3-1

Affected versions

22.*

22.6.4-1

23.*

23.2.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}