DEBIAN-CVE-2023-22656

DEBIAN-CVE-2023-22656 PUBLISHED CVSS 3.9000000953674316 LOW

Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Risk Scores

CVSS 3.1

3.9000000953674316

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:12	onevpl-intel-gpu	0, 24.3.3-1, 23.2.3-1
Debian:14	onevpl-intel-gpu	0, 0, 0
Debian:13	onevpl-intel-gpu	0, 0, 0
Debian:12	intel-mediasdk	22.5.4-1, 0, 22.5.4-1
Debian:11	intel-mediasdk	21.1.0-1, 0, 22.5.4-1

Timeline

May 16, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-22656 advisory

Open in Interactive Console →