UBUNTU-CVE-2023-22656

See a problem?
Source
https://ubuntu.com/security/notices/UBUNTU-CVE-2023-22656
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-22656.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-22656
Related
Published
2024-09-19T00:00:00Z
Modified
2024-09-19T00:00:00Z
Summary
[none]
Details

Out-of-bounds read in Intel Media SDK and some Intel oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

Affected packages

Ubuntu:20.04:LTS / intel-mediasdk

Package

Name
intel-mediasdk

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

19.*

19.2.1-1
19.4.0-1
19.4.0-1build1

20.*

20.1.0-0ubuntu1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / intel-mediasdk

Package

Name
intel-mediasdk

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

21.*

21.1.0-1
21.3.4-1

22.*

22.1.0-1
22.3.0-1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / onevpl

Package

Name
onevpl

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2022.*

2022.0.4-1
2022.1.0-2

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / intel-mediasdk

Package

Name
intel-mediasdk

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

22.*

22.5.4-1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / onevpl

Package

Name
onevpl

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.3.0-1
2023.3.0-1build1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}