Description

Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access.

Related CPE's

a

intel

onevpl_gpu_runtime

Vulnerable

o

fedoraproject

fedora

3

References

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html

Vendor Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/J7RNFPWOSFII2JE2KDRHPLJANZC3YATW/

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/L27GRS7E45IOCZ44VQX2NJ33GVRBWHBS/

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/TULYSWHC3X76AIGGMUSLBTWOXNND6IEV/

Mailing ListThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-125

[email protected]

Secondary
CWE-125

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-08-11T03:15:16.780

1 year ago

Last modified

2023-11-08T03:08:52.440

1 year ago