Bugzilla – Bug 1226901
VUL-0: CVE-2023-47169: libmfx: improper buffer restrictions
Last modified: 2024-07-02 14:53:14 UTC
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html CVEID: CVE-2023-47169 Description: Improper buffer restrictions in Intel® Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access. CVSS Base Score: 3.3 Low CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
I already addressed this pro-actively in February for sle15-sp6 and Tumbleweed. ------------------------------------------------------------------- Mon Feb 5 09:07:36 UTC 2024 - Stefan Dirsch <sndirsch@suse.com> - disabled compiling samples, tools and tutorials, which are no longer packaged anyway ------------------------------------------------------------------- Sat Feb 3 18:29:23 UTC 2024 - Stefan Dirsch <sndirsch@suse.com> - only package hardware specific ibmfxhw64 (+ libmfx_<codec>_hw64 plugins) loaded during runtime by libvpl (boo#1219494) - drop -devel and -samples subpackages ------------------------------------------------------------------- Sat Feb 3 11:33:41 UTC 2024 - Stefan Dirsch <sndirsch@suse.com> - added hardware supplements, so it will be installed on GPUs which are not supported by libmfx-gen (boo#1219494) For older products I have no idea how to address that. Intel just tells us to switch to VPL, which means a lot of changes in other components, which we did for SP6 and TW, but probably can't do for older already existing products.