CVE-2023-22656

Publication date 16 May 2024

Last updated 11 July 2025


Ubuntu priority

Cvss 3 Severity Score

3.9 · Low

Score breakdown

Description

Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Read the notes from the security team

Why is this CVE low priority?

This is rated low severity by Intel

Learn more about Ubuntu priority

Status

Package Ubuntu Release Status
intel-mediasdk 26.04 LTS resolute Not in release
25.10 questing Not in release
25.04 plucky Not in release
24.10 oracular Ignored end of life, was needed
24.04 LTS noble
Vulnerable
22.04 LTS jammy
Vulnerable
20.04 LTS focal
Vulnerable
onevpl 26.04 LTS resolute Not in release
25.10 questing Not in release
25.04 plucky Not in release
24.10 oracular Ignored end of life, was needed
24.04 LTS noble
Vulnerable
22.04 LTS jammy
Vulnerable
20.04 LTS focal Not in release

Notes


mdeslaur

There is no fix available from Intel for intel-mediasdk

Severity score breakdown

CVSS version: CVSS v3.0

Base score 3.9 · Low

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N


Access our resources on patching vulnerabilities