DEBIAN-CVE-2023-47282

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2023-47282

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-47282.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-47282

Upstream

CVE-2023-47282

Published

2024-05-16T21:16:00.423Z

Modified

2025-11-20T10:16:46.704931Z

Severity

3.9 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L CVSS Calculator

Summary

[none]

Details

Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

https://security-tracker.debian.org/tracker/CVE-2023-47282

Affected packages

Debian:11 / intel-mediasdk

Package

Name: intel-mediasdk
Purl: pkg:deb/debian/intel-mediasdk?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

21.*

21.1.0-1

21.3.2-1

21.3.4-1

22.*

22.1.0-1

22.3.0-1

22.5.4-1

Ecosystem specific

{
    "urgency": "end-of-life"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-47282.json"

Debian:12 / intel-mediasdk

Package

Name: intel-mediasdk
Purl: pkg:deb/debian/intel-mediasdk?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

22.*

22.5.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-47282.json"

Debian:12 / onevpl-intel-gpu

Package

Name: onevpl-intel-gpu
Purl: pkg:deb/debian/onevpl-intel-gpu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

22.*

22.6.4-1

23.*

23.2.3-1

24.*

24.3.3-1

24.3.4-1

25.*

25.1.2-1

25.1.4-1

25.3.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-47282.json"

Debian:13 / onevpl-intel-gpu

Package

Name: onevpl-intel-gpu
Purl: pkg:deb/debian/onevpl-intel-gpu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

24.3.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-47282.json"

Debian:14 / onevpl-intel-gpu

Package

Name: onevpl-intel-gpu
Purl: pkg:deb/debian/onevpl-intel-gpu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

24.3.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-47282.json"