Lucene search

GoogleOSV:CVE-2023-22840

HistoryAug 11, 2023 - 3:15 a.m.

CVE-2023-22840

2023-08-1103:15:17

Google

osv.dev

improper neutralization

intel onevpl

gpu software

denial of service

local access

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

5.1%

JSON

Improper neutralization in software for the Intel® oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html

lists.fedoraproject.org/archives/list/[email protected]/message/J7RNFPWOSFII2JE2KDRHPLJANZC3YATW/

lists.fedoraproject.org/archives/list/[email protected]/message/L27GRS7E45IOCZ44VQX2NJ33GVRBWHBS/

lists.fedoraproject.org/archives/list/[email protected]/message/TULYSWHC3X76AIGGMUSLBTWOXNND6IEV/

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for OSV:CVE-2023-22840