CVE-2023-22656
Publication date 16 May 2024
Last updated 11 July 2025
Ubuntu priority
Cvss 3 Severity Score
Description
Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Read the notes from the security team
Why is this CVE low priority?
This is rated low severity by Intel
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| intel-mediasdk | 26.04 LTS resolute | Not in release |
| 24.04 LTS noble |
Vulnerable
|
|
| 22.04 LTS jammy |
Vulnerable
|
|
| 20.04 LTS focal |
Vulnerable
|
|
| onevpl | 26.04 LTS resolute | Not in release |
| 24.04 LTS noble |
Vulnerable
|
|
| 22.04 LTS jammy |
Vulnerable
|
|
| 20.04 LTS focal | Not in release |
Notes
Severity score breakdown
CVSS version: CVSS v3.0
Base score
3.9 · Low
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N