CVE-2024-28051

Publication date 13 November 2024

Last updated 3 July 2025


Ubuntu priority

Cvss 3 Severity Score

2.2 · Low

Score breakdown

Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable information disclosure via local access.

Status

Package Ubuntu Release Status
intel-mediasdk 25.04 plucky Not in release
24.10 oracular Ignored end of life, was needs-triage
24.04 LTS noble
Needs evaluation
22.04 LTS jammy
Needs evaluation
20.04 LTS focal
Needs evaluation
onevpl-intel-gpu 25.04 plucky
Not affected
24.10 oracular
Not affected
24.04 LTS noble
Needs evaluation
22.04 LTS jammy
Needs evaluation
20.04 LTS focal Not in release

Severity score breakdown

Parameter Value
Base score 2.2 · Low
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Scope Unchanged
Confidentiality Low
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N