UBUNTU-CVE-2023-22656

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2023-22656

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-22656.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2023-22656

Upstream

CVE-2023-22656

Published

2024-05-16T21:15:00Z

Modified

2025-10-24T05:01:46Z

Severity

3.9 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N CVSS Calculator
Ubuntu - low

Summary

[none]

Details

Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

Affected packages

Ubuntu:20.04:LTS / intel-mediasdk

Package

Name: intel-mediasdk
Purl: pkg:deb/ubuntu/intel-mediasdk@20.1.0-0ubuntu1?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

19.*

19.2.1-1

19.4.0-1

19.4.0-1build1

20.*

20.1.0-0ubuntu1

Ecosystem specific

{
    "priority_reason": "This is rated low severity by Intel",
    "binaries": [
        {
            "binary_name": "libmfx-dev",
            "binary_version": "20.1.0-0ubuntu1"
        },
        {
            "binary_name": "libmfx-tools",
            "binary_version": "20.1.0-0ubuntu1"
        },
        {
            "binary_name": "libmfx1",
            "binary_version": "20.1.0-0ubuntu1"
        }
    ]
}

Ubuntu:22.04:LTS / intel-mediasdk

Package

Name: intel-mediasdk
Purl: pkg:deb/ubuntu/intel-mediasdk@22.3.0-1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

21.*

21.1.0-1

21.3.4-1

22.*

22.1.0-1

22.3.0-1

Ecosystem specific

{
    "priority_reason": "This is rated low severity by Intel",
    "binaries": [
        {
            "binary_name": "libmfx-dev",
            "binary_version": "22.3.0-1"
        },
        {
            "binary_name": "libmfx-tools",
            "binary_version": "22.3.0-1"
        },
        {
            "binary_name": "libmfx1",
            "binary_version": "22.3.0-1"
        }
    ]
}

Ubuntu:22.04:LTS / onevpl

Package

Name: onevpl
Purl: pkg:deb/ubuntu/onevpl@2022.1.0-2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2022.*

2022.0.4-1

2022.1.0-2

Ecosystem specific

{
    "priority_reason": "This is rated low severity by Intel",
    "binaries": [
        {
            "binary_name": "libvpl-dev",
            "binary_version": "2022.1.0-2"
        },
        {
            "binary_name": "libvpl2",
            "binary_version": "2022.1.0-2"
        },
        {
            "binary_name": "onevpl-tools",
            "binary_version": "2022.1.0-2"
        }
    ]
}

Ubuntu:24.04:LTS / intel-mediasdk

Package

Name: intel-mediasdk
Purl: pkg:deb/ubuntu/intel-mediasdk@22.5.4-1?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

22.*

22.5.4-1

Ecosystem specific

{
    "priority_reason": "This is rated low severity by Intel",
    "binaries": [
        {
            "binary_name": "libmfx-dev",
            "binary_version": "22.5.4-1"
        },
        {
            "binary_name": "libmfx-tools",
            "binary_version": "22.5.4-1"
        },
        {
            "binary_name": "libmfx1",
            "binary_version": "22.5.4-1"
        }
    ]
}

Ubuntu:24.04:LTS / onevpl

Package

Name: onevpl
Purl: pkg:deb/ubuntu/onevpl@2023.3.0-1build1?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.3.0-1

2023.3.0-1build1

Ecosystem specific

{
    "priority_reason": "This is rated low severity by Intel",
    "binaries": [
        {
            "binary_name": "libvpl-dev",
            "binary_version": "2023.3.0-1build1"
        },
        {
            "binary_name": "libvpl2",
            "binary_version": "2023.3.0-1build1"
        },
        {
            "binary_name": "onevpl-tools",
            "binary_version": "2023.3.0-1build1"
        }
    ]
}