Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-39929 (GCVE-0-2023-39929)
Vulnerability from cvelistv5 – Published: 2024-05-16 20:47 – Updated: 2024-09-06 19:47
VLAI
EPSS
Summary
Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
6.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Libva software maintained by Intel(R) |
Affected:
before version 2.20.0
|
|
| intel | libva |
Affected:
0 , < 2.20.0
(custom)
cpe:2.3:a:intel:libva:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:18:10.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:libva:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libva",
"vendor": "intel",
"versions": [
{
"lessThan": "2.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39929",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T19:19:51.126524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T19:47:26.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Libva software maintained by Intel(R)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.20.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-16T20:47:35.322Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-39929",
"datePublished": "2024-05-16T20:47:35.322Z",
"dateReserved": "2023-09-14T03:00:04.745Z",
"dateUpdated": "2024-09-06T19:47:26.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-39929",
"date": "2026-06-02",
"epss": "0.00022",
"percentile": "0.06329"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\"}, {\"lang\": \"es\", \"value\": \" La ruta de b\\u00fasqueda no controlada en alg\\u00fan software Libva mantenido por Intel(R) antes de la versi\\u00f3n 2.20.0 puede permitir que un usuario autenticado potencialmente habilite la escalada de privilegios a trav\\u00e9s del acceso local.\"}]",
"id": "CVE-2023-39929",
"lastModified": "2024-11-21T08:16:03.650",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secure@intel.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}]}",
"published": "2024-05-16T21:15:53.420",
"references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html\", \"source\": \"secure@intel.com\"}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"secure@intel.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-427\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-39929\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2024-05-16T21:15:53.420\",\"lastModified\":\"2024-11-21T08:16:03.650\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\"},{\"lang\":\"es\",\"value\":\" La ruta de b\u00fasqueda no controlada en alg\u00fan software Libva mantenido por Intel(R) antes de la versi\u00f3n 2.20.0 puede permitir que un usuario autenticado potencialmente habilite la escalada de privilegios a trav\u00e9s del acceso local.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T18:18:10.176Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-39929\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-05T19:19:51.126524Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:intel:libva:*:*:*:*:*:*:*:*\"], \"vendor\": \"intel\", \"product\": \"libva\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.20.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-28T13:57:24.280Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Libva software maintained by Intel(R)\", \"versions\": [{\"status\": \"affected\", \"version\": \"before version 2.20.0\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"escalation of privilege\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-427\", \"description\": \"Uncontrolled search path\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2024-05-16T20:47:35.322Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-39929\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-06T19:47:26.556Z\", \"dateReserved\": \"2023-09-14T03:00:04.745Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2024-05-16T20:47:35.322Z\", \"assignerShortName\": \"intel\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2024-AVI-0397
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Bibliothèque Libva iotg-lin-gfx-libva toutes verions
- Bibliothèque Libva versions antérieures à 2.20.0
- Installateur Endurance Gaming Mode versions antérieures à 1.3.937.0
- Intel Advisor versions antérieures à 2024.0
- Intel Agilex 7 FPGA et SoC FPGA versions antérieures à 2.9.0
- Intel Arc & Iris Xe Graphics versions antérieures à 31.0.101.5081
- Intel Arc Control versions antérieures à 1.73.5335.2
- Intel Chipset Device Software versions antérieures à 10.1.19444.8378
- Intel Code Base Investigator (CBI) versions antérieures à 1.1.0
- Intel Computing Improvement Program versions antérieures à 2.4.10654
- Intel Context Sensing Technology (CST) versions antérieures à 2.1.10300
- Intel Data Center GPU Max Series 1100 and 1550 toutes versions
- Intel Distribution pour GDB versions antérieures à 2024.0
- Intel Dynamic Load Balancer versions antérieures à 8.5.0
- Intel Dynamic Tuning Technology (DTT) sans les derniers correctifs de sécurité
- Intel Ethernet Adapter Complete Driver Pack versions antérieures à 28.3
- Intel Ethernet Adapters versions antérieures à 29.0.1
- Intel Ethernet Connections Boot Utility, Preboot Images et EFI Drivers versions antérieures à 28.3
- Intel Extreme Tuning Utility (XTU) versions antérieures à 7.14.0.15
- Intel Graphics Command Center Service embarqué dans le pilote Intel Graphics Windows DCH versions antérieures à 31.0.101.3790 et 31.0.101.2114
- Intel Graphics Performance Analyzers (GPA) Framework versions antérieures à 2023.4.
- Intel Graphics Performance Analyzers (GPA) versions antérieures à 2023.4.
- Intel HPC Toolkit versions antérieures à 2024.0
- Intel Inspector versions antérieures à 2024.0
- Intel Media SDK toutes versions
- Intel Neural Compressor versions antérieures à 2.5.0
- Intel oneAPI Base Toolkit versions antérieures à 2024.0
- Intel oneAPI HPC Toolkit versions antérieures à 2024.0.1.
- Intel oneVPL versions antérieures à 23.3.5
- Intel Performance Counter Monitor (PCM) versions antérieures à 202311
- Intel Power Gadget toutes versions
- Intel Processor Diagnostic Tool versions antérieures à 4.1.9.41
- Intel Processor Identification Utility versions antérieures à 7.1.6
- Intel Processor Identification Utility-Legacy versions antérieures à 6.10.34.1129
- Intel Quartus Prime Lite, Standard et Pro Design versions antérieures à 23.1
- Intel Stratix 10 FPGA et SoC FPGA versions antérieures à 2.9.0
- Intel Trace Analyzer and Collector versions antérieures à 2022.0.0 publiées en novembre 2023
- Intel Trust Domain Extensions (TDX) module versions antérieures à TDX_1.5.05.46.698
- Intel VTune Profiler versions antérieures à 2024.0
- Logiciels Intel PROSet/Wireless WiFi et Bluetooth versions antérieures à 23.20
- Micrologiciel Intel Bios Guard sans les derniers correctifs de sécurité
- Micrologiciel Intel Bios PPAM sans les derniers correctifs de sécurité
- Micrologiciel Intel Ethernet Controller I225 Manageability versions antérieures à NVM 1.87
- Micrologiciel UEFI pour Intel Server Board S2600BP toutes versions
- Micrologiciel UEFI pour Intel Server D50DNP sans les derniers correctifs de sécurité
- Micrologiciel UEFI pour Intel Server M50FCP sans les derniers correctifs de sécurité
- Micrologiciels pour Intel Agilex 7 FPGA et SoC FPGA versions antérieures à 23.3
- Micrologiciels pour Intel Stratix 10 FPGA et SoC FPGA versions antérieures à 23.3
- Pilote Intel Thunderbolt versions antérieures à 89
- Pilote Onboard vidéo versions antérieures à 1.14 pour Intel Server Boards basés sur des puces Intel 62X
- Processeurs Intel Core Ultra, plateforme Meteor Lake sans les derniers correctifs de sécurité
- Programme de désinstallation Intel Driver & Support Assistant (DSA) versions antérieures à 23.4.39.10
Intel a indiqué qu'aucun correctif de sécurité ne sera fourni pour Intel Power Gadget et pour le micrologiciel UEFI pour Intel Server Board S2600BP. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des produits affectés par les vulnérabilité CVE-2023-45733 et CVE-2024-21823 (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eBiblioth\u00e8que Libva iotg-lin-gfx-libva toutes verions\u003c/li\u003e \u003cli\u003eBiblioth\u00e8que Libva versions ant\u00e9rieures \u00e0 2.20.0\u003c/li\u003e \u003cli\u003eInstallateur Endurance Gaming Mode versions ant\u00e9rieures \u00e0 1.3.937.0\u003c/li\u003e \u003cli\u003eIntel Advisor versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel Agilex 7 FPGA et SoC FPGA versions ant\u00e9rieures \u00e0 2.9.0\u003c/li\u003e \u003cli\u003eIntel Arc \u0026amp; Iris Xe Graphics versions ant\u00e9rieures \u00e0 31.0.101.5081\u003c/li\u003e \u003cli\u003eIntel Arc Control versions ant\u00e9rieures \u00e0 1.73.5335.2\u003c/li\u003e \u003cli\u003eIntel Chipset Device Software versions ant\u00e9rieures \u00e0 10.1.19444.8378\u003c/li\u003e \u003cli\u003eIntel Code Base Investigator (CBI) versions ant\u00e9rieures \u00e0 1.1.0\u003c/li\u003e \u003cli\u003eIntel Computing Improvement Program versions ant\u00e9rieures \u00e0 2.4.10654\u003c/li\u003e \u003cli\u003eIntel Context Sensing Technology (CST) versions ant\u00e9rieures \u00e0 2.1.10300\u003c/li\u003e \u003cli\u003eIntel Data Center GPU Max Series 1100 and 1550 toutes versions\u003c/li\u003e \u003cli\u003eIntel Distribution pour GDB versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel Dynamic Load Balancer versions ant\u00e9rieures \u00e0 8.5.0\u003c/li\u003e \u003cli\u003eIntel Dynamic Tuning Technology (DTT) sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eIntel Ethernet Adapter Complete Driver Pack versions ant\u00e9rieures \u00e0 28.3\u003c/li\u003e \u003cli\u003eIntel Ethernet Adapters versions ant\u00e9rieures \u00e0 29.0.1\u003c/li\u003e \u003cli\u003eIntel Ethernet Connections Boot Utility, Preboot Images et EFI Drivers versions ant\u00e9rieures \u00e0 28.3\u003c/li\u003e \u003cli\u003eIntel Extreme Tuning Utility (XTU) versions ant\u00e9rieures \u00e0 7.14.0.15\u003c/li\u003e \u003cli\u003eIntel Graphics Command Center Service embarqu\u00e9 dans le pilote Intel Graphics Windows DCH versions ant\u00e9rieures \u00e0 31.0.101.3790 et 31.0.101.2114\u003c/li\u003e \u003cli\u003eIntel Graphics Performance Analyzers (GPA) Framework versions ant\u00e9rieures \u00e0 2023.4.\u003c/li\u003e \u003cli\u003eIntel Graphics Performance Analyzers (GPA) versions ant\u00e9rieures \u00e0 2023.4.\u003c/li\u003e \u003cli\u003eIntel HPC Toolkit versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel Inspector versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel Media SDK toutes versions\u003c/li\u003e \u003cli\u003eIntel Neural Compressor versions ant\u00e9rieures \u00e0 2.5.0\u003c/li\u003e \u003cli\u003eIntel oneAPI Base Toolkit versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel oneAPI HPC Toolkit versions ant\u00e9rieures \u00e0 2024.0.1.\u003c/li\u003e \u003cli\u003eIntel oneVPL versions ant\u00e9rieures \u00e0 23.3.5\u003c/li\u003e \u003cli\u003eIntel Performance Counter Monitor (PCM) versions ant\u00e9rieures \u00e0 202311\u003c/li\u003e \u003cli\u003eIntel Power Gadget toutes versions\u003c/li\u003e \u003cli\u003eIntel Processor Diagnostic Tool versions ant\u00e9rieures \u00e0 4.1.9.41\u003c/li\u003e \u003cli\u003eIntel Processor Identification Utility versions ant\u00e9rieures \u00e0 7.1.6\u003c/li\u003e \u003cli\u003eIntel Processor Identification Utility-Legacy versions ant\u00e9rieures \u00e0 6.10.34.1129\u003c/li\u003e \u003cli\u003eIntel Quartus Prime Lite, Standard et Pro Design versions ant\u00e9rieures \u00e0 23.1\u003c/li\u003e \u003cli\u003eIntel Stratix 10 FPGA et SoC FPGA versions ant\u00e9rieures \u00e0 2.9.0\u003c/li\u003e \u003cli\u003eIntel Trace Analyzer and Collector versions ant\u00e9rieures \u00e0 2022.0.0 publi\u00e9es en novembre 2023\u003c/li\u003e \u003cli\u003eIntel Trust Domain Extensions (TDX) module versions ant\u00e9rieures \u00e0 TDX_1.5.05.46.698\u003c/li\u003e \u003cli\u003eIntel VTune Profiler versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eLogiciels Intel PROSet/Wireless WiFi et Bluetooth versions ant\u00e9rieures \u00e0 23.20\u003c/li\u003e \u003cli\u003eMicrologiciel Intel Bios Guard sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eMicrologiciel Intel Bios PPAM sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eMicrologiciel Intel Ethernet Controller I225 Manageability versions ant\u00e9rieures \u00e0 NVM 1.87\u003c/li\u003e \u003cli\u003eMicrologiciel UEFI pour Intel Server Board S2600BP toutes versions\u003c/li\u003e \u003cli\u003eMicrologiciel UEFI pour Intel Server D50DNP sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eMicrologiciel UEFI pour Intel Server M50FCP sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eMicrologiciels pour Intel Agilex 7 FPGA et SoC FPGA versions ant\u00e9rieures \u00e0 23.3\u003c/li\u003e \u003cli\u003eMicrologiciels pour Intel Stratix 10 FPGA et SoC FPGA versions ant\u00e9rieures \u00e0 23.3\u003c/li\u003e \u003cli\u003ePilote Intel Thunderbolt versions ant\u00e9rieures \u00e0 89\u003c/li\u003e \u003cli\u003ePilote Onboard vid\u00e9o versions ant\u00e9rieures \u00e0 1.14 pour Intel Server Boards bas\u00e9s sur des puces Intel 62X\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core Ultra, plateforme Meteor Lake sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eProgramme de d\u00e9sinstallation Intel Driver \u0026amp; Support Assistant (DSA) versions ant\u00e9rieures \u00e0 23.4.39.10\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eIntel a indiqu\u00e9 qu\u0027aucun correctif de s\u00e9curit\u00e9 ne sera fourni pour Intel Power Gadget et pour le micrologiciel UEFI pour Intel Server Board S2600BP. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des produits affect\u00e9s par les vuln\u00e9rabilit\u00e9 CVE-2023-45733 et CVE-2024-21823 (cf. section Documentation).\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-22379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22379"
},
{
"name": "CVE-2023-35192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35192"
},
{
"name": "CVE-2024-24971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24971"
},
{
"name": "CVE-2024-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21864"
},
{
"name": "CVE-2023-46103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46103"
},
{
"name": "CVE-2023-47859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47859"
},
{
"name": "CVE-2024-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21862"
},
{
"name": "CVE-2021-33146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33146"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2023-46689",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46689"
},
{
"name": "CVE-2023-45845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45845"
},
{
"name": "CVE-2024-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
},
{
"name": "CVE-2024-21818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21818"
},
{
"name": "CVE-2021-33161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33161"
},
{
"name": "CVE-2023-45846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45846"
},
{
"name": "CVE-2024-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21861"
},
{
"name": "CVE-2021-33157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33157"
},
{
"name": "CVE-2023-42433",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42433"
},
{
"name": "CVE-2021-33162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33162"
},
{
"name": "CVE-2021-33158",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33158"
},
{
"name": "CVE-2023-38581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38581"
},
{
"name": "CVE-2022-37341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37341"
},
{
"name": "CVE-2024-23487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23487"
},
{
"name": "CVE-2023-41082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41082"
},
{
"name": "CVE-2023-43629",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43629"
},
{
"name": "CVE-2024-22382",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22382"
},
{
"name": "CVE-2023-43745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43745"
},
{
"name": "CVE-2021-33141",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33141"
},
{
"name": "CVE-2023-28383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28383"
},
{
"name": "CVE-2023-45736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45736"
},
{
"name": "CVE-2024-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21835"
},
{
"name": "CVE-2023-22662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22662"
},
{
"name": "CVE-2024-21813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21813"
},
{
"name": "CVE-2024-21831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21831"
},
{
"name": "CVE-2023-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41234"
},
{
"name": "CVE-2023-45743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45743"
},
{
"name": "CVE-2023-39433",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39433"
},
{
"name": "CVE-2023-43751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43751"
},
{
"name": "CVE-2023-45315",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45315"
},
{
"name": "CVE-2023-42668",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42668"
},
{
"name": "CVE-2024-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21828"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2023-38417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38417"
},
{
"name": "CVE-2023-40070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40070"
},
{
"name": "CVE-2023-39929",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39929"
},
{
"name": "CVE-2024-22476",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22476"
},
{
"name": "CVE-2023-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40155"
},
{
"name": "CVE-2024-21774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21774"
},
{
"name": "CVE-2024-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21772"
},
{
"name": "CVE-2024-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21814"
},
{
"name": "CVE-2023-45320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45320"
},
{
"name": "CVE-2022-37410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37410"
},
{
"name": "CVE-2023-29165",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29165"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2023-27504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27504"
},
{
"name": "CVE-2023-48727",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48727"
},
{
"name": "CVE-2021-33142",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33142"
},
{
"name": "CVE-2023-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38420"
},
{
"name": "CVE-2024-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22015"
},
{
"name": "CVE-2023-45221",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45221"
},
{
"name": "CVE-2023-47855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47855"
},
{
"name": "CVE-2023-45217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45217"
},
{
"name": "CVE-2024-22390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22390"
},
{
"name": "CVE-2024-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21792"
},
{
"name": "CVE-2024-21837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21837"
},
{
"name": "CVE-2023-38654",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38654"
},
{
"name": "CVE-2023-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41092"
},
{
"name": "CVE-2023-27305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27305"
},
{
"name": "CVE-2023-49614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49614"
},
{
"name": "CVE-2024-22384",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22384"
},
{
"name": "CVE-2023-40536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40536"
},
{
"name": "CVE-2023-42773",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42773"
},
{
"name": "CVE-2023-24460",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24460"
},
{
"name": "CVE-2024-23980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23980"
},
{
"name": "CVE-2023-47165",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47165"
},
{
"name": "CVE-2023-41961",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41961"
},
{
"name": "CVE-2023-43487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43487"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2024-24981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24981"
},
{
"name": "CVE-2024-21777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21777"
},
{
"name": "CVE-2023-45745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45745"
},
{
"name": "CVE-2024-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21809"
},
{
"name": "CVE-2023-47210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47210"
},
{
"name": "CVE-2023-28402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28402"
},
{
"name": "CVE-2024-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21843"
},
{
"name": "CVE-2023-40071",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40071"
},
{
"name": "CVE-2023-25952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25952"
},
{
"name": "CVE-2023-46691",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46691"
},
{
"name": "CVE-2023-45733",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45733"
},
{
"name": "CVE-2024-21841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21841"
},
{
"name": "CVE-2023-43748",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43748"
},
{
"name": "CVE-2024-21788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21788"
},
{
"name": "CVE-2024-22095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22095"
},
{
"name": "CVE-2022-42879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42879"
},
{
"name": "CVE-2021-33145",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33145"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0397",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\n\u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01012 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01035 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01035.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00983 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00983.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01036 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01037 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01037.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01034 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01034.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01067 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01067.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01042 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01042.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00984 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00984.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01032 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01032.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00756 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00756.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01020 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01021 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01021.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01054 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01054.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01051 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01066 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01066.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01056 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01056.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01039 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01039.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01007 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01007.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00814 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00814.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01047 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01047.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01052 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01055 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01055.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01031 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01031.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00996 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00996.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01013 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01013.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01059 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01059.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00916 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00916.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01080 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01053 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01053.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00935 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00962 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00962.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00965 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00965.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01041 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01041.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00937 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00937.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01084 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01043 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01043.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01109 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01109.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01069 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01069.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00831 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00831.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01050 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01050.html"
}
]
}
CERTFR-2024-AVI-0397
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Bibliothèque Libva iotg-lin-gfx-libva toutes verions
- Bibliothèque Libva versions antérieures à 2.20.0
- Installateur Endurance Gaming Mode versions antérieures à 1.3.937.0
- Intel Advisor versions antérieures à 2024.0
- Intel Agilex 7 FPGA et SoC FPGA versions antérieures à 2.9.0
- Intel Arc & Iris Xe Graphics versions antérieures à 31.0.101.5081
- Intel Arc Control versions antérieures à 1.73.5335.2
- Intel Chipset Device Software versions antérieures à 10.1.19444.8378
- Intel Code Base Investigator (CBI) versions antérieures à 1.1.0
- Intel Computing Improvement Program versions antérieures à 2.4.10654
- Intel Context Sensing Technology (CST) versions antérieures à 2.1.10300
- Intel Data Center GPU Max Series 1100 and 1550 toutes versions
- Intel Distribution pour GDB versions antérieures à 2024.0
- Intel Dynamic Load Balancer versions antérieures à 8.5.0
- Intel Dynamic Tuning Technology (DTT) sans les derniers correctifs de sécurité
- Intel Ethernet Adapter Complete Driver Pack versions antérieures à 28.3
- Intel Ethernet Adapters versions antérieures à 29.0.1
- Intel Ethernet Connections Boot Utility, Preboot Images et EFI Drivers versions antérieures à 28.3
- Intel Extreme Tuning Utility (XTU) versions antérieures à 7.14.0.15
- Intel Graphics Command Center Service embarqué dans le pilote Intel Graphics Windows DCH versions antérieures à 31.0.101.3790 et 31.0.101.2114
- Intel Graphics Performance Analyzers (GPA) Framework versions antérieures à 2023.4.
- Intel Graphics Performance Analyzers (GPA) versions antérieures à 2023.4.
- Intel HPC Toolkit versions antérieures à 2024.0
- Intel Inspector versions antérieures à 2024.0
- Intel Media SDK toutes versions
- Intel Neural Compressor versions antérieures à 2.5.0
- Intel oneAPI Base Toolkit versions antérieures à 2024.0
- Intel oneAPI HPC Toolkit versions antérieures à 2024.0.1.
- Intel oneVPL versions antérieures à 23.3.5
- Intel Performance Counter Monitor (PCM) versions antérieures à 202311
- Intel Power Gadget toutes versions
- Intel Processor Diagnostic Tool versions antérieures à 4.1.9.41
- Intel Processor Identification Utility versions antérieures à 7.1.6
- Intel Processor Identification Utility-Legacy versions antérieures à 6.10.34.1129
- Intel Quartus Prime Lite, Standard et Pro Design versions antérieures à 23.1
- Intel Stratix 10 FPGA et SoC FPGA versions antérieures à 2.9.0
- Intel Trace Analyzer and Collector versions antérieures à 2022.0.0 publiées en novembre 2023
- Intel Trust Domain Extensions (TDX) module versions antérieures à TDX_1.5.05.46.698
- Intel VTune Profiler versions antérieures à 2024.0
- Logiciels Intel PROSet/Wireless WiFi et Bluetooth versions antérieures à 23.20
- Micrologiciel Intel Bios Guard sans les derniers correctifs de sécurité
- Micrologiciel Intel Bios PPAM sans les derniers correctifs de sécurité
- Micrologiciel Intel Ethernet Controller I225 Manageability versions antérieures à NVM 1.87
- Micrologiciel UEFI pour Intel Server Board S2600BP toutes versions
- Micrologiciel UEFI pour Intel Server D50DNP sans les derniers correctifs de sécurité
- Micrologiciel UEFI pour Intel Server M50FCP sans les derniers correctifs de sécurité
- Micrologiciels pour Intel Agilex 7 FPGA et SoC FPGA versions antérieures à 23.3
- Micrologiciels pour Intel Stratix 10 FPGA et SoC FPGA versions antérieures à 23.3
- Pilote Intel Thunderbolt versions antérieures à 89
- Pilote Onboard vidéo versions antérieures à 1.14 pour Intel Server Boards basés sur des puces Intel 62X
- Processeurs Intel Core Ultra, plateforme Meteor Lake sans les derniers correctifs de sécurité
- Programme de désinstallation Intel Driver & Support Assistant (DSA) versions antérieures à 23.4.39.10
Intel a indiqué qu'aucun correctif de sécurité ne sera fourni pour Intel Power Gadget et pour le micrologiciel UEFI pour Intel Server Board S2600BP. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des produits affectés par les vulnérabilité CVE-2023-45733 et CVE-2024-21823 (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eBiblioth\u00e8que Libva iotg-lin-gfx-libva toutes verions\u003c/li\u003e \u003cli\u003eBiblioth\u00e8que Libva versions ant\u00e9rieures \u00e0 2.20.0\u003c/li\u003e \u003cli\u003eInstallateur Endurance Gaming Mode versions ant\u00e9rieures \u00e0 1.3.937.0\u003c/li\u003e \u003cli\u003eIntel Advisor versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel Agilex 7 FPGA et SoC FPGA versions ant\u00e9rieures \u00e0 2.9.0\u003c/li\u003e \u003cli\u003eIntel Arc \u0026amp; Iris Xe Graphics versions ant\u00e9rieures \u00e0 31.0.101.5081\u003c/li\u003e \u003cli\u003eIntel Arc Control versions ant\u00e9rieures \u00e0 1.73.5335.2\u003c/li\u003e \u003cli\u003eIntel Chipset Device Software versions ant\u00e9rieures \u00e0 10.1.19444.8378\u003c/li\u003e \u003cli\u003eIntel Code Base Investigator (CBI) versions ant\u00e9rieures \u00e0 1.1.0\u003c/li\u003e \u003cli\u003eIntel Computing Improvement Program versions ant\u00e9rieures \u00e0 2.4.10654\u003c/li\u003e \u003cli\u003eIntel Context Sensing Technology (CST) versions ant\u00e9rieures \u00e0 2.1.10300\u003c/li\u003e \u003cli\u003eIntel Data Center GPU Max Series 1100 and 1550 toutes versions\u003c/li\u003e \u003cli\u003eIntel Distribution pour GDB versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel Dynamic Load Balancer versions ant\u00e9rieures \u00e0 8.5.0\u003c/li\u003e \u003cli\u003eIntel Dynamic Tuning Technology (DTT) sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eIntel Ethernet Adapter Complete Driver Pack versions ant\u00e9rieures \u00e0 28.3\u003c/li\u003e \u003cli\u003eIntel Ethernet Adapters versions ant\u00e9rieures \u00e0 29.0.1\u003c/li\u003e \u003cli\u003eIntel Ethernet Connections Boot Utility, Preboot Images et EFI Drivers versions ant\u00e9rieures \u00e0 28.3\u003c/li\u003e \u003cli\u003eIntel Extreme Tuning Utility (XTU) versions ant\u00e9rieures \u00e0 7.14.0.15\u003c/li\u003e \u003cli\u003eIntel Graphics Command Center Service embarqu\u00e9 dans le pilote Intel Graphics Windows DCH versions ant\u00e9rieures \u00e0 31.0.101.3790 et 31.0.101.2114\u003c/li\u003e \u003cli\u003eIntel Graphics Performance Analyzers (GPA) Framework versions ant\u00e9rieures \u00e0 2023.4.\u003c/li\u003e \u003cli\u003eIntel Graphics Performance Analyzers (GPA) versions ant\u00e9rieures \u00e0 2023.4.\u003c/li\u003e \u003cli\u003eIntel HPC Toolkit versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel Inspector versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel Media SDK toutes versions\u003c/li\u003e \u003cli\u003eIntel Neural Compressor versions ant\u00e9rieures \u00e0 2.5.0\u003c/li\u003e \u003cli\u003eIntel oneAPI Base Toolkit versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eIntel oneAPI HPC Toolkit versions ant\u00e9rieures \u00e0 2024.0.1.\u003c/li\u003e \u003cli\u003eIntel oneVPL versions ant\u00e9rieures \u00e0 23.3.5\u003c/li\u003e \u003cli\u003eIntel Performance Counter Monitor (PCM) versions ant\u00e9rieures \u00e0 202311\u003c/li\u003e \u003cli\u003eIntel Power Gadget toutes versions\u003c/li\u003e \u003cli\u003eIntel Processor Diagnostic Tool versions ant\u00e9rieures \u00e0 4.1.9.41\u003c/li\u003e \u003cli\u003eIntel Processor Identification Utility versions ant\u00e9rieures \u00e0 7.1.6\u003c/li\u003e \u003cli\u003eIntel Processor Identification Utility-Legacy versions ant\u00e9rieures \u00e0 6.10.34.1129\u003c/li\u003e \u003cli\u003eIntel Quartus Prime Lite, Standard et Pro Design versions ant\u00e9rieures \u00e0 23.1\u003c/li\u003e \u003cli\u003eIntel Stratix 10 FPGA et SoC FPGA versions ant\u00e9rieures \u00e0 2.9.0\u003c/li\u003e \u003cli\u003eIntel Trace Analyzer and Collector versions ant\u00e9rieures \u00e0 2022.0.0 publi\u00e9es en novembre 2023\u003c/li\u003e \u003cli\u003eIntel Trust Domain Extensions (TDX) module versions ant\u00e9rieures \u00e0 TDX_1.5.05.46.698\u003c/li\u003e \u003cli\u003eIntel VTune Profiler versions ant\u00e9rieures \u00e0 2024.0\u003c/li\u003e \u003cli\u003eLogiciels Intel PROSet/Wireless WiFi et Bluetooth versions ant\u00e9rieures \u00e0 23.20\u003c/li\u003e \u003cli\u003eMicrologiciel Intel Bios Guard sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eMicrologiciel Intel Bios PPAM sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eMicrologiciel Intel Ethernet Controller I225 Manageability versions ant\u00e9rieures \u00e0 NVM 1.87\u003c/li\u003e \u003cli\u003eMicrologiciel UEFI pour Intel Server Board S2600BP toutes versions\u003c/li\u003e \u003cli\u003eMicrologiciel UEFI pour Intel Server D50DNP sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eMicrologiciel UEFI pour Intel Server M50FCP sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eMicrologiciels pour Intel Agilex 7 FPGA et SoC FPGA versions ant\u00e9rieures \u00e0 23.3\u003c/li\u003e \u003cli\u003eMicrologiciels pour Intel Stratix 10 FPGA et SoC FPGA versions ant\u00e9rieures \u00e0 23.3\u003c/li\u003e \u003cli\u003ePilote Intel Thunderbolt versions ant\u00e9rieures \u00e0 89\u003c/li\u003e \u003cli\u003ePilote Onboard vid\u00e9o versions ant\u00e9rieures \u00e0 1.14 pour Intel Server Boards bas\u00e9s sur des puces Intel 62X\u003c/li\u003e \u003cli\u003eProcesseurs Intel Core Ultra, plateforme Meteor Lake sans les derniers correctifs de s\u00e9curit\u00e9\u003c/li\u003e \u003cli\u003eProgramme de d\u00e9sinstallation Intel Driver \u0026amp; Support Assistant (DSA) versions ant\u00e9rieures \u00e0 23.4.39.10\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eIntel a indiqu\u00e9 qu\u0027aucun correctif de s\u00e9curit\u00e9 ne sera fourni pour Intel Power Gadget et pour le micrologiciel UEFI pour Intel Server Board S2600BP. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des produits affect\u00e9s par les vuln\u00e9rabilit\u00e9 CVE-2023-45733 et CVE-2024-21823 (cf. section Documentation).\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-22379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22379"
},
{
"name": "CVE-2023-35192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35192"
},
{
"name": "CVE-2024-24971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24971"
},
{
"name": "CVE-2024-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21864"
},
{
"name": "CVE-2023-46103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46103"
},
{
"name": "CVE-2023-47859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47859"
},
{
"name": "CVE-2024-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21862"
},
{
"name": "CVE-2021-33146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33146"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2023-46689",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46689"
},
{
"name": "CVE-2023-45845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45845"
},
{
"name": "CVE-2024-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
},
{
"name": "CVE-2024-21818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21818"
},
{
"name": "CVE-2021-33161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33161"
},
{
"name": "CVE-2023-45846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45846"
},
{
"name": "CVE-2024-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21861"
},
{
"name": "CVE-2021-33157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33157"
},
{
"name": "CVE-2023-42433",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42433"
},
{
"name": "CVE-2021-33162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33162"
},
{
"name": "CVE-2021-33158",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33158"
},
{
"name": "CVE-2023-38581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38581"
},
{
"name": "CVE-2022-37341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37341"
},
{
"name": "CVE-2024-23487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23487"
},
{
"name": "CVE-2023-41082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41082"
},
{
"name": "CVE-2023-43629",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43629"
},
{
"name": "CVE-2024-22382",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22382"
},
{
"name": "CVE-2023-43745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43745"
},
{
"name": "CVE-2021-33141",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33141"
},
{
"name": "CVE-2023-28383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28383"
},
{
"name": "CVE-2023-45736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45736"
},
{
"name": "CVE-2024-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21835"
},
{
"name": "CVE-2023-22662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22662"
},
{
"name": "CVE-2024-21813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21813"
},
{
"name": "CVE-2024-21831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21831"
},
{
"name": "CVE-2023-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41234"
},
{
"name": "CVE-2023-45743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45743"
},
{
"name": "CVE-2023-39433",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39433"
},
{
"name": "CVE-2023-43751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43751"
},
{
"name": "CVE-2023-45315",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45315"
},
{
"name": "CVE-2023-42668",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42668"
},
{
"name": "CVE-2024-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21828"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2023-38417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38417"
},
{
"name": "CVE-2023-40070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40070"
},
{
"name": "CVE-2023-39929",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39929"
},
{
"name": "CVE-2024-22476",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22476"
},
{
"name": "CVE-2023-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40155"
},
{
"name": "CVE-2024-21774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21774"
},
{
"name": "CVE-2024-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21772"
},
{
"name": "CVE-2024-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21814"
},
{
"name": "CVE-2023-45320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45320"
},
{
"name": "CVE-2022-37410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37410"
},
{
"name": "CVE-2023-29165",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29165"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2023-27504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27504"
},
{
"name": "CVE-2023-48727",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48727"
},
{
"name": "CVE-2021-33142",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33142"
},
{
"name": "CVE-2023-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38420"
},
{
"name": "CVE-2024-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22015"
},
{
"name": "CVE-2023-45221",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45221"
},
{
"name": "CVE-2023-47855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47855"
},
{
"name": "CVE-2023-45217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45217"
},
{
"name": "CVE-2024-22390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22390"
},
{
"name": "CVE-2024-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21792"
},
{
"name": "CVE-2024-21837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21837"
},
{
"name": "CVE-2023-38654",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38654"
},
{
"name": "CVE-2023-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41092"
},
{
"name": "CVE-2023-27305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27305"
},
{
"name": "CVE-2023-49614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49614"
},
{
"name": "CVE-2024-22384",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22384"
},
{
"name": "CVE-2023-40536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40536"
},
{
"name": "CVE-2023-42773",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42773"
},
{
"name": "CVE-2023-24460",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24460"
},
{
"name": "CVE-2024-23980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23980"
},
{
"name": "CVE-2023-47165",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47165"
},
{
"name": "CVE-2023-41961",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41961"
},
{
"name": "CVE-2023-43487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43487"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2024-24981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24981"
},
{
"name": "CVE-2024-21777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21777"
},
{
"name": "CVE-2023-45745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45745"
},
{
"name": "CVE-2024-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21809"
},
{
"name": "CVE-2023-47210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47210"
},
{
"name": "CVE-2023-28402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28402"
},
{
"name": "CVE-2024-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21843"
},
{
"name": "CVE-2023-40071",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40071"
},
{
"name": "CVE-2023-25952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25952"
},
{
"name": "CVE-2023-46691",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46691"
},
{
"name": "CVE-2023-45733",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45733"
},
{
"name": "CVE-2024-21841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21841"
},
{
"name": "CVE-2023-43748",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43748"
},
{
"name": "CVE-2024-21788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21788"
},
{
"name": "CVE-2024-22095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22095"
},
{
"name": "CVE-2022-42879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42879"
},
{
"name": "CVE-2021-33145",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33145"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0397",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\n\u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01012 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01035 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01035.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00983 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00983.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01036 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01037 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01037.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01034 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01034.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01067 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01067.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01042 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01042.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00984 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00984.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01032 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01032.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00756 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00756.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01020 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01020.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01021 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01021.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01054 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01054.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01051 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01066 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01066.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01056 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01056.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01039 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01039.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01007 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01007.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00814 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00814.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01047 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01047.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01052 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01055 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01055.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01031 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01031.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00996 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00996.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01013 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01013.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01059 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01059.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00916 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00916.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01080 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01080.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01053 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01053.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00935 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00962 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00962.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00965 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00965.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01041 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01041.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00937 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00937.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01084 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01043 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01043.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01109 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01109.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01069 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01069.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00831 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00831.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01050 du 14 mai 2024",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01050.html"
}
]
}
FKIE_CVE-2023-39929
Vulnerability from fkie_nvd - Published: 2024-05-16 21:15 - Updated: 2026-04-15 00:35
Severity
Summary
Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": " La ruta de b\u00fasqueda no controlada en alg\u00fan software Libva mantenido por Intel(R) antes de la versi\u00f3n 2.20.0 puede permitir que un usuario autenticado potencialmente habilite la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-39929",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-05-16T21:15:53.420",
"references": [
{
"source": "secure@intel.com",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "secure@intel.com",
"type": "Secondary"
}
]
}
GHSA-4JMF-2GGR-PH9X
Vulnerability from github – Published: 2024-05-16 21:31 – Updated: 2024-05-16 21:31
VLAI
Details
Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2023-39929"
],
"database_specific": {
"cwe_ids": [
"CWE-427"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-16T21:15:53Z",
"severity": "MODERATE"
},
"details": "Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GHSA-4jmf-2ggr-ph9x",
"modified": "2024-05-16T21:31:59Z",
"published": "2024-05-16T21:31:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39929"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2023-39929
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-39929",
"id": "GSD-2023-39929"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-39929"
],
"id": "GSD-2023-39929",
"modified": "2023-12-13T01:20:33.098023Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-39929",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
SUSE-SU-2025:1451-1
Vulnerability from csaf_suse - Published: 2025-05-05 07:43 - Updated: 2025-05-05 07:43Summary
Security update for libva
Severity
Moderate
Notes
Title of the patch: Security update for libva
Description of the patch: This update for libva fixes the following issues:
Update to libva version 2.20.0, which includes security fix for:
* uncontrolled search path may allow an authenticated user to
escalate privilege via local access (CVE-2023-39929,
bsc#1224413, jsc#PED-11066)
This includes latest version of one of the components needed for Video
(processing) hardware support on Intel GPUs (bsc#1217770)
Update to version 2.20.0:
* av1: Revise offsets comments for av1 encode
* drm:
- Limit the array size to avoid out of range
- Remove no longer used helpers
* jpeg: add support for crop and partial decode
* trace:
- Add trace for vaExportSurfaceHandle
- Unlock mutex before return
- Fix minor issue about printf data type and value range
* va/backend:
- Annotate vafool as deprecated
- Document the vaGetDriver* APIs
* va/x11/va_fglrx: Remove some dead code
* va/x11/va_nvctrl: Remove some dead code
* va:
- Add new VADecodeErrorType to indicate the reset happended in
the driver
- Add vendor string on va_TraceInitialize
- Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)
- Drop no longer applicable vaGetDriverNames check
- Fix:don't leak driver names, when override is set
- Fix:set driver number to be zero if vaGetDriverNames failed
- Optimize code of getting driver name for all protocols/os
(wayland,x11,drm,win32,android)
- Remove legacy code paths
- Remove unreachable 'DRIVER BUG'
* win32:
- Only print win32 driver messages in DEBUG builds
- Remove duplicate adapter_luid entry
* x11/dri2: limit the array handling to avoid out of range access
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var
- Implement vaGetDriverNames
- Remove legacy code paths
Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
Update to version 2.18.0:
* doc: Add build and install libva informatio in home page.
* fix:
- Add libva.def into distribution package
- NULL check before calling strncmp.
- Remove reference to non-existent symbol
* meson: docs:
- Add encoder interface for av1
- Use libva_version over project_version()
* va:
- Add VAProfileH264High10
- Always build with va-messaging API
- Fix the codying style of CHECK_DISPLAY
- Remove Android pre Jelly Bean workarounds
- Remove dummy isValid() hook
- Remove unused drm_sarea.h include & ANDROID references in
va_dricommon.h
- va/sysdeps.h: remove Android section
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var
- Use LIBVA_DRI3_DISABLE in GetNumCandidates
Update to 2.17.0:
* win: Simplify signature for driver name loading
* win: Rewrite driver registry query and fix some
bugs/leaks/inefficiencies
* win: Add missing null check after calloc
* va: Update security disclaimer
* dep:remove the file .cvsignore
* pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx
* meson: add 'with-legacy' for emgd, nvctrl and fglrx
* x11: move all FGLRX code to va_fglrx.c
* x11: move all NVCTRL code to va_nvctrl.c
* meson: stop using deprecated meson.source_root()
* meson: stop using configure_file copy=true
* va: correctly include the win32 (local) headers
* win: clean-up the coding style
* va: dos2unix all the files
* drm: remove unnecessary dri2 version/extension query
* trace: annotate internal functions with DLL_HIDDEN
* build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_
support level attribute instead
* meson: Check support for -Wl,-version-script and build link_args
accordingly
* meson: Set va_win32 soversion to '' and remove the install_data rename
* fix: resouce check null
* va_trace: Add Win32 memory types in va_TraceSurfaceAttributes
* va_trace: va_TraceSurfaceAttributes should check the
VASurfaceAttribMemoryType
* va: Adds Win32 Node and Windows build support
* va: Adds compat_win32 abstraction for Windows build and prepares va
common code for windows build
* pkgconfig: Add Win32 package for when WITH_WIN32 is enabled
* meson: Add with_win32 option, makes libdrm non-mandatory on Win
* x11: add basic DRI3 support
* drm: remove VA_DRM_IsRenderNodeFd() helper
* drm: add radeon drm + radeonsi mesa combo
Needed for jira#PED-1174 (Video decoding/encoding support (VA-API,
...) for Intel GPUs is outside of Mesa)
Update to 2.16.0:
* add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
* dep: Update README.md to remove badge links
* dep: Removed waffle-io badge from README to fix broken link
* dep: Drop mailing list, IRC and Slack
* autotools: use wayland-scanner private-code
* autotools: use the wayland-scanner.pc to locate the prog
* meson: use wayland-scanner private-code
* meson: request native wayland-scanner
* meson: use the wayland-scanner.pc to locate the prog
* meson: set HAVE_VA_X11 when applicable
* style:Correct slight coding style in several new commits
* trace: add Linux ftrace mode for va trace
* trace: Add missing pthread_mutex_destroy
* drm: remove no-longer needed X == X mappings
* drm: fallback to drm driver name == va driver name
* drm: simplify the mapping table
* x11: simplify the mapping table
Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4
Update to 2.15.0:
* Add: new display HW attribute to report PCI ID
* Add: sample depth related parameters for AV1e
* Add: refresh_frame_flags for AV1e
* Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC.
* Add: nvidia-drm to the drm driver map
* Add: type and buffer for delta qp per block
* Deprecation: remove the va_fool support
* Fix:Correct the version of meson build on master branch
* Fix:X11 DRI2: check if device is a render node
* Build:Use also strong stack protection if supported
* Trace:print the string for profile/entrypoint/configattrib
Update to 2.14.0:
* add: Add av1 encode interfaces
* add: VA/X11 VAAPI driver mapping for crocus DRI driver
* doc: Add description of the fd management for surface importing
* ci: fix freebsd build
* meson: Copy public headers to build directory to support subproject
Update to 2.13.0
* add new surface format fourcc XYUV
* Fix av1 dec doc page link issue
* unify the code styles using the style_unify script
* Check the function pointer before using (fixes github issue#536)
* update NEWS for 2.13.0
Update to 2.12.0:
* add: Report the capability of vaCopy support
* add: Report the capability of sub device
* add: Add config attributes to advertise HEVC/H.265 encoder features
* add: Video processing HVS Denoise: Added 4 modes
* add: Introduce VASurfaceAttribDRMFormatModifiers
* add: Add 3DLUT Filter in Video Processing.
* doc: Update log2_tile_column description for vp9enc
* trace: Correct av1 film grain trace information
* ci: Fix freebsd build by switching to vmactions/freebsd-vm@v0.1.3
Update to 2.11.0:
* add: LibVA Protected Content API
* add: Add a configuration attribute to advertise AV1d LST feature
* fix: wayland: don't try to authenticate with render nodes
* autotools: use shell grouping instead of sed to prepend a line
* trace: Add details data dump for mpeg2 IQ matrix.
* doc: update docs for VASurfaceAttribPixelFormat
* doc: Libva documentation edit for AV1 reference frames
* doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment
* doc: Remove tile_rows and tile_cols restriction to match AV1 spec
* doc: Format code for doxygen output
* doc: AV1 decode documentation edit for superres_scale_denominator
* ci: upgrade FreeBSD to 12.2
* ci: disable travis build
* ci: update cache before attempting to install packages
* ci: avoid running workloads on other workloads changes
* ci: enable github actions
- CVE-2023-39929: Fixed an issue where an uncontrolled search path may allow authenticated users to escalate privilege via local access. (bsc#1224413)
Patchnames: SUSE-2025-1451,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1451,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1451,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1451,SUSE-Storage-7.1-2025-1451
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Affected products
Recommended
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
10 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2025… | self |
| https://bugzilla.suse.com/1202828 | self |
| https://bugzilla.suse.com/1217770 | self |
| https://bugzilla.suse.com/1224413 | self |
| https://www.suse.com/security/cve/CVE-2023-39929/ | self |
| https://www.suse.com/security/cve/CVE-2023-39929 | external |
| https://bugzilla.suse.com/1224413 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libva",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libva fixes the following issues:\n\nUpdate to libva version 2.20.0, which includes security fix for:\n\n* uncontrolled search path may allow an authenticated user to\n escalate privilege via local access (CVE-2023-39929,\n bsc#1224413, jsc#PED-11066)\n\nThis includes latest version of one of the components needed for Video\n(processing) hardware support on Intel GPUs (bsc#1217770)\n\nUpdate to version 2.20.0:\n\n * av1: Revise offsets comments for av1 encode\n * drm:\n - Limit the array size to avoid out of range\n - Remove no longer used helpers\n * jpeg: add support for crop and partial decode\n * trace:\n - Add trace for vaExportSurfaceHandle\n - Unlock mutex before return\n - Fix minor issue about printf data type and value range\n * va/backend:\n - Annotate vafool as deprecated\n - Document the vaGetDriver* APIs\n * va/x11/va_fglrx: Remove some dead code\n * va/x11/va_nvctrl: Remove some dead code\n * va:\n - Add new VADecodeErrorType to indicate the reset happended in\n the driver\n - Add vendor string on va_TraceInitialize\n - Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)\n - Drop no longer applicable vaGetDriverNames check\n - Fix:don\u0027t leak driver names, when override is set\n - Fix:set driver number to be zero if vaGetDriverNames failed\n - Optimize code of getting driver name for all protocols/os\n (wayland,x11,drm,win32,android)\n - Remove legacy code paths\n - Remove unreachable \u0027DRIVER BUG\u0027\n * win32:\n - Only print win32 driver messages in DEBUG builds\n - Remove duplicate adapter_luid entry\n * x11/dri2: limit the array handling to avoid out of range access\n * x11:\n - Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var\n - Implement vaGetDriverNames\n - Remove legacy code paths\n\nUpdate to 2.19.0:\n\n * add: Add mono_chrome to VAEncSequenceParameterBufferAV1\n * add: Enable support for license acquisition of multiple protected\n playbacks\n * fix: use secure_getenv instead of getenv\n * trace: Improve and add VA trace log for AV1 encode\n * trace: Unify va log message, replace va_TracePrint with va_TraceMsg.\n\nUpdate to version 2.18.0:\n\n * doc: Add build and install libva informatio in home page.\n * fix:\n - Add libva.def into distribution package\n - NULL check before calling strncmp.\n - Remove reference to non-existent symbol\n * meson: docs:\n - Add encoder interface for av1\n - Use libva_version over project_version()\n * va:\n - Add VAProfileH264High10\n - Always build with va-messaging API\n - Fix the codying style of CHECK_DISPLAY\n - Remove Android pre Jelly Bean workarounds\n - Remove dummy isValid() hook\n - Remove unused drm_sarea.h include \u0026 ANDROID references in\n va_dricommon.h\n - va/sysdeps.h: remove Android section\n * x11:\n - Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var\n - Use LIBVA_DRI3_DISABLE in GetNumCandidates\n\nUpdate to 2.17.0:\n\n * win: Simplify signature for driver name loading\n * win: Rewrite driver registry query and fix some\n bugs/leaks/inefficiencies\n * win: Add missing null check after calloc\n * va: Update security disclaimer\n * dep:remove the file .cvsignore\n * pkgconfig: add \u0027with-legacy\u0027 for emgd, nvctrl and fglrx\n * meson: add \u0027with-legacy\u0027 for emgd, nvctrl and fglrx\n * x11: move all FGLRX code to va_fglrx.c\n * x11: move all NVCTRL code to va_nvctrl.c\n * meson: stop using deprecated meson.source_root()\n * meson: stop using configure_file copy=true\n * va: correctly include the win32 (local) headers\n * win: clean-up the coding style\n * va: dos2unix all the files\n * drm: remove unnecessary dri2 version/extension query\n * trace: annotate internal functions with DLL_HIDDEN\n * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_\n support level attribute instead\n * meson: Check support for -Wl,-version-script and build link_args\n accordingly\n * meson: Set va_win32 soversion to \u0027\u0027 and remove the install_data rename\n * fix: resouce check null\n * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes\n * va_trace: va_TraceSurfaceAttributes should check the\n VASurfaceAttribMemoryType\n * va: Adds Win32 Node and Windows build support\n * va: Adds compat_win32 abstraction for Windows build and prepares va\n common code for windows build\n * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled\n * meson: Add with_win32 option, makes libdrm non-mandatory on Win\n * x11: add basic DRI3 support\n * drm: remove VA_DRM_IsRenderNodeFd() helper\n * drm: add radeon drm + radeonsi mesa combo\n\nNeeded for jira#PED-1174 (Video decoding/encoding support (VA-API,\n...) for Intel GPUs is outside of Mesa)\n\nUpdate to 2.16.0:\n\n * add: Add HierarchicalFlag \u0026 hierarchical_level_plus1 for AV1e.\n * dep: Update README.md to remove badge links\n * dep: Removed waffle-io badge from README to fix broken link\n * dep: Drop mailing list, IRC and Slack\n * autotools: use wayland-scanner private-code\n * autotools: use the wayland-scanner.pc to locate the prog\n * meson: use wayland-scanner private-code\n * meson: request native wayland-scanner\n * meson: use the wayland-scanner.pc to locate the prog\n * meson: set HAVE_VA_X11 when applicable\n * style:Correct slight coding style in several new commits\n * trace: add Linux ftrace mode for va trace\n * trace: Add missing pthread_mutex_destroy\n * drm: remove no-longer needed X == X mappings\n * drm: fallback to drm driver name == va driver name\n * drm: simplify the mapping table\n * x11: simplify the mapping table\n\nUpdate to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4\n\nUpdate to 2.15.0:\n\n * Add: new display HW attribute to report PCI ID\n * Add: sample depth related parameters for AV1e\n * Add: refresh_frame_flags for AV1e\n * Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC.\n * Add: nvidia-drm to the drm driver map\n * Add: type and buffer for delta qp per block\n * Deprecation: remove the va_fool support\n * Fix:Correct the version of meson build on master branch\n * Fix:X11 DRI2: check if device is a render node\n * Build:Use also strong stack protection if supported\n * Trace:print the string for profile/entrypoint/configattrib\n\nUpdate to 2.14.0:\n\n * add: Add av1 encode interfaces\n * add: VA/X11 VAAPI driver mapping for crocus DRI driver\n * doc: Add description of the fd management for surface importing\n * ci: fix freebsd build\n * meson: Copy public headers to build directory to support subproject\n \nUpdate to 2.13.0\n\n * add new surface format fourcc XYUV\n * Fix av1 dec doc page link issue\n * unify the code styles using the style_unify script\n * Check the function pointer before using (fixes github issue#536)\n * update NEWS for 2.13.0\n\nUpdate to 2.12.0:\n\n * add: Report the capability of vaCopy support\n * add: Report the capability of sub device\n * add: Add config attributes to advertise HEVC/H.265 encoder features\n * add: Video processing HVS Denoise: Added 4 modes\n * add: Introduce VASurfaceAttribDRMFormatModifiers\n * add: Add 3DLUT Filter in Video Processing.\n * doc: Update log2_tile_column description for vp9enc\n * trace: Correct av1 film grain trace information\n * ci: Fix freebsd build by switching to vmactions/freebsd-vm@v0.1.3\n\nUpdate to 2.11.0:\n\n * add: LibVA Protected Content API\n * add: Add a configuration attribute to advertise AV1d LST feature\n * fix: wayland: don\u0027t try to authenticate with render nodes\n * autotools: use shell grouping instead of sed to prepend a line\n * trace: Add details data dump for mpeg2 IQ matrix.\n * doc: update docs for VASurfaceAttribPixelFormat\n * doc: Libva documentation edit for AV1 reference frames\n * doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment\n * doc: Remove tile_rows and tile_cols restriction to match AV1 spec\n * doc: Format code for doxygen output\n * doc: AV1 decode documentation edit for superres_scale_denominator\n * ci: upgrade FreeBSD to 12.2\n * ci: disable travis build\n * ci: update cache before attempting to install packages\n * ci: avoid running workloads on other workloads changes\n * ci: enable github actions \n\n- CVE-2023-39929: Fixed an issue where an uncontrolled search path may allow authenticated users to escalate privilege via local access. (bsc#1224413)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1451,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1451,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1451,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1451,SUSE-Storage-7.1-2025-1451",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1451-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1451-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251451-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1451-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039142.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202828",
"url": "https://bugzilla.suse.com/1202828"
},
{
"category": "self",
"summary": "SUSE Bug 1217770",
"url": "https://bugzilla.suse.com/1217770"
},
{
"category": "self",
"summary": "SUSE Bug 1224413",
"url": "https://bugzilla.suse.com/1224413"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39929 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39929/"
}
],
"title": "Security update for libva",
"tracking": {
"current_release_date": "2025-05-05T07:43:40Z",
"generator": {
"date": "2025-05-05T07:43:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1451-1",
"initial_release_date": "2025-05-05T07:43:40Z",
"revision_history": [
{
"date": "2025-05-05T07:43:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150300.3.3.1.aarch64",
"product": {
"name": "libva-devel-2.20.0-150300.3.3.1.aarch64",
"product_id": "libva-devel-2.20.0-150300.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150300.3.3.1.aarch64",
"product": {
"name": "libva-drm2-2.20.0-150300.3.3.1.aarch64",
"product_id": "libva-drm2-2.20.0-150300.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150300.3.3.1.aarch64",
"product": {
"name": "libva-gl-devel-2.20.0-150300.3.3.1.aarch64",
"product_id": "libva-gl-devel-2.20.0-150300.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150300.3.3.1.aarch64",
"product": {
"name": "libva-glx2-2.20.0-150300.3.3.1.aarch64",
"product_id": "libva-glx2-2.20.0-150300.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"product": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"product_id": "libva-wayland2-2.20.0-150300.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"product": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"product_id": "libva-x11-2-2.20.0-150300.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150300.3.3.1.aarch64",
"product": {
"name": "libva2-2.20.0-150300.3.3.1.aarch64",
"product_id": "libva2-2.20.0-150300.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product": {
"name": "libva-devel-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product_id": "libva-devel-64bit-2.20.0-150300.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-drm2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product": {
"name": "libva-drm2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product_id": "libva-drm2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product": {
"name": "libva-gl-devel-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product_id": "libva-gl-devel-64bit-2.20.0-150300.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-glx2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product": {
"name": "libva-glx2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product_id": "libva-glx2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-wayland2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product": {
"name": "libva-wayland2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product_id": "libva-wayland2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-x11-2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product": {
"name": "libva-x11-2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product_id": "libva-x11-2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product": {
"name": "libva2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32",
"product_id": "libva2-64bit-2.20.0-150300.3.3.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150300.3.3.1.i586",
"product": {
"name": "libva-devel-2.20.0-150300.3.3.1.i586",
"product_id": "libva-devel-2.20.0-150300.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150300.3.3.1.i586",
"product": {
"name": "libva-drm2-2.20.0-150300.3.3.1.i586",
"product_id": "libva-drm2-2.20.0-150300.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150300.3.3.1.i586",
"product": {
"name": "libva-gl-devel-2.20.0-150300.3.3.1.i586",
"product_id": "libva-gl-devel-2.20.0-150300.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150300.3.3.1.i586",
"product": {
"name": "libva-glx2-2.20.0-150300.3.3.1.i586",
"product_id": "libva-glx2-2.20.0-150300.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150300.3.3.1.i586",
"product": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.i586",
"product_id": "libva-wayland2-2.20.0-150300.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150300.3.3.1.i586",
"product": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.i586",
"product_id": "libva-x11-2-2.20.0-150300.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150300.3.3.1.i586",
"product": {
"name": "libva2-2.20.0-150300.3.3.1.i586",
"product_id": "libva2-2.20.0-150300.3.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150300.3.3.1.ppc64le",
"product": {
"name": "libva-devel-2.20.0-150300.3.3.1.ppc64le",
"product_id": "libva-devel-2.20.0-150300.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"product": {
"name": "libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"product_id": "libva-drm2-2.20.0-150300.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150300.3.3.1.ppc64le",
"product": {
"name": "libva-gl-devel-2.20.0-150300.3.3.1.ppc64le",
"product_id": "libva-gl-devel-2.20.0-150300.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150300.3.3.1.ppc64le",
"product": {
"name": "libva-glx2-2.20.0-150300.3.3.1.ppc64le",
"product_id": "libva-glx2-2.20.0-150300.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"product": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"product_id": "libva-wayland2-2.20.0-150300.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"product": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"product_id": "libva-x11-2-2.20.0-150300.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150300.3.3.1.ppc64le",
"product": {
"name": "libva2-2.20.0-150300.3.3.1.ppc64le",
"product_id": "libva2-2.20.0-150300.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150300.3.3.1.s390x",
"product": {
"name": "libva-devel-2.20.0-150300.3.3.1.s390x",
"product_id": "libva-devel-2.20.0-150300.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150300.3.3.1.s390x",
"product": {
"name": "libva-drm2-2.20.0-150300.3.3.1.s390x",
"product_id": "libva-drm2-2.20.0-150300.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150300.3.3.1.s390x",
"product": {
"name": "libva-gl-devel-2.20.0-150300.3.3.1.s390x",
"product_id": "libva-gl-devel-2.20.0-150300.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150300.3.3.1.s390x",
"product": {
"name": "libva-glx2-2.20.0-150300.3.3.1.s390x",
"product_id": "libva-glx2-2.20.0-150300.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150300.3.3.1.s390x",
"product": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.s390x",
"product_id": "libva-wayland2-2.20.0-150300.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150300.3.3.1.s390x",
"product": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.s390x",
"product_id": "libva-x11-2-2.20.0-150300.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150300.3.3.1.s390x",
"product": {
"name": "libva2-2.20.0-150300.3.3.1.s390x",
"product_id": "libva2-2.20.0-150300.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-devel-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-devel-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-devel-32bit-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-devel-32bit-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-devel-32bit-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-drm2-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-drm2-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-drm2-32bit-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-drm2-32bit-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-drm2-32bit-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-gl-devel-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-gl-devel-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-32bit-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-gl-devel-32bit-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-gl-devel-32bit-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-glx2-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-glx2-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-glx2-32bit-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-glx2-32bit-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-glx2-32bit-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-wayland2-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-32bit-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-wayland2-32bit-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-wayland2-32bit-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-x11-2-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-32bit-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva-x11-2-32bit-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva-x11-2-32bit-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva2-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva2-2.20.0-150300.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva2-32bit-2.20.0-150300.3.3.1.x86_64",
"product": {
"name": "libva2-32bit-2.20.0-150300.3.3.1.x86_64",
"product_id": "libva2-32bit-2.20.0-150300.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.s390x"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.s390x"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.s390x"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.s390x"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.s390x"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.ppc64le"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150300.3.3.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.aarch64"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150300.3.3.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.x86_64"
},
"product_reference": "libva2-2.20.0-150300.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39929"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39929",
"url": "https://www.suse.com/security/cve/CVE-2023-39929"
},
{
"category": "external",
"summary": "SUSE Bug 1224413 for CVE-2023-39929",
"url": "https://bugzilla.suse.com/1224413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Enterprise Storage 7.1:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libva2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-devel-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-drm2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-wayland2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva-x11-2-2.20.0-150300.3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libva2-2.20.0-150300.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-05T07:43:40Z",
"details": "moderate"
}
],
"title": "CVE-2023-39929"
}
]
}
SUSE-SU-2025:1452-1
Vulnerability from csaf_suse - Published: 2025-05-05 07:43 - Updated: 2025-05-05 07:43Summary
Security update for libva
Severity
Moderate
Notes
Title of the patch: Security update for libva
Description of the patch: This update for libva fixes the following issues:
Update to libva version 2.20.0, which includes security fix for:
- CVE-2023-39929: Uncontrolled search path may allow an authenticated
user to escalate privilege via local access (bsc#1224413, jsc#PED-11066)
This includes latest version of one of the components needed for
Video (processing) hardware support on Intel GPUs (bsc#1217770)
Update to version 2.20.0:
* av1: Revise offsets comments for av1 encode
* drm:
- Limit the array size to avoid out of range
- Remove no longer used helpers
* jpeg: add support for crop and partial decode
* trace:
- Add trace for vaExportSurfaceHandle
- Unlock mutex before return
- Fix minor issue about printf data type and value range
* va/backend:
- Annotate vafool as deprecated
- Document the vaGetDriver* APIs
* va/x11/va_fglrx: Remove some dead code
* va/x11/va_nvctrl: Remove some dead code
* va:
- Add new VADecodeErrorType to indicate the reset happended in
the driver
- Add vendor string on va_TraceInitialize
- Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)
- Drop no longer applicable vaGetDriverNames check
- Fix:don't leak driver names, when override is set
- Fix:set driver number to be zero if vaGetDriverNames failed
- Optimize code of getting driver name for all protocols/os
(wayland,x11,drm,win32,android)
- Remove legacy code paths
- Remove unreachable 'DRIVER BUG'
* win32:
- Only print win32 driver messages in DEBUG builds
- Remove duplicate adapter_luid entry
* x11/dri2: limit the array handling to avoid out of range access
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var
- Implement vaGetDriverNames
- Remove legacy code paths
Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
Update to version 2.18.0:
* doc: Add build and install libva informatio in home page.
* fix:
- Add libva.def into distribution package
- NULL check before calling strncmp.
- Remove reference to non-existent symbol
* meson: docs:
- Add encoder interface for av1
- Use libva_version over project_version()
* va:
- Add VAProfileH264High10
- Always build with va-messaging API
- Fix the codying style of CHECK_DISPLAY
- Remove Android pre Jelly Bean workarounds
- Remove dummy isValid() hook
- Remove unused drm_sarea.h include & ANDROID references in
va_dricommon.h
- va/sysdeps.h: remove Android section
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var
- Use LIBVA_DRI3_DISABLE in GetNumCandidates
update to 2.17.0:
* win: Simplify signature for driver name loading
* win: Rewrite driver registry query and fix some
bugs/leaks/inefficiencies
* win: Add missing null check after calloc
* va: Update security disclaimer
* dep:remove the file .cvsignore
* pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx
* meson: add 'with-legacy' for emgd, nvctrl and fglrx
* x11: move all FGLRX code to va_fglrx.c
* x11: move all NVCTRL code to va_nvctrl.c
* meson: stop using deprecated meson.source_root()
* meson: stop using configure_file copy=true
* va: correctly include the win32 (local) headers
* win: clean-up the coding style
* va: dos2unix all the files
* drm: remove unnecessary dri2 version/extension query
* trace: annotate internal functions with DLL_HIDDEN
* build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_
support level attribute instead
* meson: Check support for -Wl,-version-script and build link_args
accordingly
* meson: Set va_win32 soversion to '' and remove the install_data rename
* fix: resouce check null
* va_trace: Add Win32 memory types in va_TraceSurfaceAttributes
* va_trace: va_TraceSurfaceAttributes should check the
VASurfaceAttribMemoryType
* va: Adds Win32 Node and Windows build support
* va: Adds compat_win32 abstraction for Windows build and prepares va
common code for windows build
* pkgconfig: Add Win32 package for when WITH_WIN32 is enabled
* meson: Add with_win32 option, makes libdrm non-mandatory on Win
* x11: add basic DRI3 support
* drm: remove VA_DRM_IsRenderNodeFd() helper
* drm: add radeon drm + radeonsi mesa combo
- needed for jira#PED-1174 (Video decoding/encoding support
(VA-API, ...) for Intel GPUs is outside of Mesa)
Update to 2.16.0:
* add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
* dep: Update README.md to remove badge links
* dep: Removed waffle-io badge from README to fix broken link
* dep: Drop mailing list, IRC and Slack
* autotools: use wayland-scanner private-code
* autotools: use the wayland-scanner.pc to locate the prog
* meson: use wayland-scanner private-code
* meson: request native wayland-scanner
* meson: use the wayland-scanner.pc to locate the prog
* meson: set HAVE_VA_X11 when applicable
* style:Correct slight coding style in several new commits
* trace: add Linux ftrace mode for va trace
* trace: Add missing pthread_mutex_destroy
* drm: remove no-longer needed X == X mappings
* drm: fallback to drm driver name == va driver name
* drm: simplify the mapping table
* x11: simplify the mapping table
Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4
Update to 2.15.0:
* Add: new display HW attribute to report PCI ID
* Add: sample depth related parameters for AV1e
* Add: refresh_frame_flags for AV1e
* Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC.
* Add: nvidia-drm to the drm driver map
* Add: type and buffer for delta qp per block
* Deprecation: remove the va_fool support
* Fix:Correct the version of meson build on master branch
* Fix:X11 DRI2: check if device is a render node
* Build:Use also strong stack protection if supported
* Trace:print the string for profile/entrypoint/configattrib
Update to 2.14.0:
* add: Add av1 encode interfaces
* add: VA/X11 VAAPI driver mapping for crocus DRI driver
* doc: Add description of the fd management for surface importing
* ci: fix freebsd build
* meson: Copy public headers to build directory to support subproject
- CVE-2023-39929: Fixed an issue where an uncontrolled search path may allow authenticated users to escalate privilege via local access. (bsc#1224413)
Patchnames: SUSE-2025-1452,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1452,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1452,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1452,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1452
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Affected products
Recommended
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
10 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2025… | self |
| https://bugzilla.suse.com/1202828 | self |
| https://bugzilla.suse.com/1217770 | self |
| https://bugzilla.suse.com/1224413 | self |
| https://www.suse.com/security/cve/CVE-2023-39929/ | self |
| https://www.suse.com/security/cve/CVE-2023-39929 | external |
| https://bugzilla.suse.com/1224413 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libva",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libva fixes the following issues:\n\nUpdate to libva version 2.20.0, which includes security fix for:\n\n- CVE-2023-39929: Uncontrolled search path may allow an authenticated\n user to escalate privilege via local access (bsc#1224413, jsc#PED-11066)\n\nThis includes latest version of one of the components needed for\nVideo (processing) hardware support on Intel GPUs (bsc#1217770)\n\nUpdate to version 2.20.0:\n\n * av1: Revise offsets comments for av1 encode\n * drm:\n - Limit the array size to avoid out of range\n - Remove no longer used helpers\n * jpeg: add support for crop and partial decode\n * trace:\n - Add trace for vaExportSurfaceHandle\n - Unlock mutex before return\n - Fix minor issue about printf data type and value range\n * va/backend:\n - Annotate vafool as deprecated\n - Document the vaGetDriver* APIs\n * va/x11/va_fglrx: Remove some dead code\n * va/x11/va_nvctrl: Remove some dead code\n * va:\n - Add new VADecodeErrorType to indicate the reset happended in\n the driver\n - Add vendor string on va_TraceInitialize\n - Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)\n - Drop no longer applicable vaGetDriverNames check\n - Fix:don\u0027t leak driver names, when override is set\n - Fix:set driver number to be zero if vaGetDriverNames failed\n - Optimize code of getting driver name for all protocols/os\n (wayland,x11,drm,win32,android)\n - Remove legacy code paths\n - Remove unreachable \u0027DRIVER BUG\u0027\n * win32:\n - Only print win32 driver messages in DEBUG builds\n - Remove duplicate adapter_luid entry\n * x11/dri2: limit the array handling to avoid out of range access\n * x11:\n - Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var\n - Implement vaGetDriverNames\n - Remove legacy code paths\n\nUpdate to 2.19.0:\n\n * add: Add mono_chrome to VAEncSequenceParameterBufferAV1\n * add: Enable support for license acquisition of multiple protected\n playbacks\n * fix: use secure_getenv instead of getenv\n * trace: Improve and add VA trace log for AV1 encode\n * trace: Unify va log message, replace va_TracePrint with va_TraceMsg.\n\nUpdate to version 2.18.0:\n\n * doc: Add build and install libva informatio in home page.\n * fix:\n - Add libva.def into distribution package\n - NULL check before calling strncmp.\n - Remove reference to non-existent symbol\n * meson: docs:\n - Add encoder interface for av1\n - Use libva_version over project_version()\n * va:\n - Add VAProfileH264High10\n - Always build with va-messaging API\n - Fix the codying style of CHECK_DISPLAY\n - Remove Android pre Jelly Bean workarounds\n - Remove dummy isValid() hook\n - Remove unused drm_sarea.h include \u0026 ANDROID references in\n va_dricommon.h\n - va/sysdeps.h: remove Android section\n * x11:\n - Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var\n - Use LIBVA_DRI3_DISABLE in GetNumCandidates\n\nupdate to 2.17.0:\n\n * win: Simplify signature for driver name loading\n * win: Rewrite driver registry query and fix some\n bugs/leaks/inefficiencies\n * win: Add missing null check after calloc\n * va: Update security disclaimer\n * dep:remove the file .cvsignore\n * pkgconfig: add \u0027with-legacy\u0027 for emgd, nvctrl and fglrx\n * meson: add \u0027with-legacy\u0027 for emgd, nvctrl and fglrx\n * x11: move all FGLRX code to va_fglrx.c\n * x11: move all NVCTRL code to va_nvctrl.c\n * meson: stop using deprecated meson.source_root()\n * meson: stop using configure_file copy=true\n * va: correctly include the win32 (local) headers\n * win: clean-up the coding style\n * va: dos2unix all the files\n * drm: remove unnecessary dri2 version/extension query\n * trace: annotate internal functions with DLL_HIDDEN\n * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_\n support level attribute instead\n * meson: Check support for -Wl,-version-script and build link_args\n accordingly\n * meson: Set va_win32 soversion to \u0027\u0027 and remove the install_data rename\n * fix: resouce check null\n * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes\n * va_trace: va_TraceSurfaceAttributes should check the\n VASurfaceAttribMemoryType\n * va: Adds Win32 Node and Windows build support\n * va: Adds compat_win32 abstraction for Windows build and prepares va\n common code for windows build\n * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled\n * meson: Add with_win32 option, makes libdrm non-mandatory on Win\n * x11: add basic DRI3 support\n * drm: remove VA_DRM_IsRenderNodeFd() helper\n * drm: add radeon drm + radeonsi mesa combo\n\n- needed for jira#PED-1174 (Video decoding/encoding support \n (VA-API, ...) for Intel GPUs is outside of Mesa)\n\nUpdate to 2.16.0:\n\n * add: Add HierarchicalFlag \u0026 hierarchical_level_plus1 for AV1e.\n * dep: Update README.md to remove badge links\n * dep: Removed waffle-io badge from README to fix broken link\n * dep: Drop mailing list, IRC and Slack\n * autotools: use wayland-scanner private-code\n * autotools: use the wayland-scanner.pc to locate the prog\n * meson: use wayland-scanner private-code\n * meson: request native wayland-scanner\n * meson: use the wayland-scanner.pc to locate the prog\n * meson: set HAVE_VA_X11 when applicable\n * style:Correct slight coding style in several new commits\n * trace: add Linux ftrace mode for va trace\n * trace: Add missing pthread_mutex_destroy\n * drm: remove no-longer needed X == X mappings\n * drm: fallback to drm driver name == va driver name\n * drm: simplify the mapping table\n * x11: simplify the mapping table\n\nUpdate to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2 Release 22.4.4\n\nUpdate to 2.15.0:\n\n * Add: new display HW attribute to report PCI ID\n * Add: sample depth related parameters for AV1e\n * Add: refresh_frame_flags for AV1e\n * Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC.\n * Add: nvidia-drm to the drm driver map\n * Add: type and buffer for delta qp per block\n * Deprecation: remove the va_fool support\n * Fix:Correct the version of meson build on master branch\n * Fix:X11 DRI2: check if device is a render node\n * Build:Use also strong stack protection if supported\n * Trace:print the string for profile/entrypoint/configattrib\n\nUpdate to 2.14.0:\n\n * add: Add av1 encode interfaces\n * add: VA/X11 VAAPI driver mapping for crocus DRI driver\n * doc: Add description of the fd management for surface importing\n * ci: fix freebsd build\n * meson: Copy public headers to build directory to support subproject\n\n- CVE-2023-39929: Fixed an issue where an uncontrolled search path may allow authenticated users to escalate privilege via local access. (bsc#1224413) \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1452,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1452,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1452,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1452,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1452",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1452-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1452-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251452-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1452-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039141.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202828",
"url": "https://bugzilla.suse.com/1202828"
},
{
"category": "self",
"summary": "SUSE Bug 1217770",
"url": "https://bugzilla.suse.com/1217770"
},
{
"category": "self",
"summary": "SUSE Bug 1224413",
"url": "https://bugzilla.suse.com/1224413"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39929 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39929/"
}
],
"title": "Security update for libva",
"tracking": {
"current_release_date": "2025-05-05T07:43:59Z",
"generator": {
"date": "2025-05-05T07:43:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1452-1",
"initial_release_date": "2025-05-05T07:43:59Z",
"revision_history": [
{
"date": "2025-05-05T07:43:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150400.3.5.1.aarch64",
"product": {
"name": "libva-devel-2.20.0-150400.3.5.1.aarch64",
"product_id": "libva-devel-2.20.0-150400.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150400.3.5.1.aarch64",
"product": {
"name": "libva-drm2-2.20.0-150400.3.5.1.aarch64",
"product_id": "libva-drm2-2.20.0-150400.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150400.3.5.1.aarch64",
"product": {
"name": "libva-gl-devel-2.20.0-150400.3.5.1.aarch64",
"product_id": "libva-gl-devel-2.20.0-150400.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150400.3.5.1.aarch64",
"product": {
"name": "libva-glx2-2.20.0-150400.3.5.1.aarch64",
"product_id": "libva-glx2-2.20.0-150400.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"product": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"product_id": "libva-wayland2-2.20.0-150400.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"product": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"product_id": "libva-x11-2-2.20.0-150400.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150400.3.5.1.aarch64",
"product": {
"name": "libva2-2.20.0-150400.3.5.1.aarch64",
"product_id": "libva2-2.20.0-150400.3.5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-devel-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product_id": "libva-devel-64bit-2.20.0-150400.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-drm2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-drm2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product_id": "libva-drm2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-gl-devel-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product_id": "libva-gl-devel-64bit-2.20.0-150400.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-glx2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-glx2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product_id": "libva-glx2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-wayland2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-wayland2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product_id": "libva-wayland2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-x11-2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-x11-2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product_id": "libva-x11-2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product": {
"name": "libva2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32",
"product_id": "libva2-64bit-2.20.0-150400.3.5.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150400.3.5.1.i586",
"product": {
"name": "libva-devel-2.20.0-150400.3.5.1.i586",
"product_id": "libva-devel-2.20.0-150400.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150400.3.5.1.i586",
"product": {
"name": "libva-drm2-2.20.0-150400.3.5.1.i586",
"product_id": "libva-drm2-2.20.0-150400.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150400.3.5.1.i586",
"product": {
"name": "libva-gl-devel-2.20.0-150400.3.5.1.i586",
"product_id": "libva-gl-devel-2.20.0-150400.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150400.3.5.1.i586",
"product": {
"name": "libva-glx2-2.20.0-150400.3.5.1.i586",
"product_id": "libva-glx2-2.20.0-150400.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150400.3.5.1.i586",
"product": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.i586",
"product_id": "libva-wayland2-2.20.0-150400.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150400.3.5.1.i586",
"product": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.i586",
"product_id": "libva-x11-2-2.20.0-150400.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150400.3.5.1.i586",
"product": {
"name": "libva2-2.20.0-150400.3.5.1.i586",
"product_id": "libva2-2.20.0-150400.3.5.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150400.3.5.1.ppc64le",
"product": {
"name": "libva-devel-2.20.0-150400.3.5.1.ppc64le",
"product_id": "libva-devel-2.20.0-150400.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"product": {
"name": "libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"product_id": "libva-drm2-2.20.0-150400.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150400.3.5.1.ppc64le",
"product": {
"name": "libva-gl-devel-2.20.0-150400.3.5.1.ppc64le",
"product_id": "libva-gl-devel-2.20.0-150400.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150400.3.5.1.ppc64le",
"product": {
"name": "libva-glx2-2.20.0-150400.3.5.1.ppc64le",
"product_id": "libva-glx2-2.20.0-150400.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"product": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"product_id": "libva-wayland2-2.20.0-150400.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"product": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"product_id": "libva-x11-2-2.20.0-150400.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150400.3.5.1.ppc64le",
"product": {
"name": "libva2-2.20.0-150400.3.5.1.ppc64le",
"product_id": "libva2-2.20.0-150400.3.5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150400.3.5.1.s390x",
"product": {
"name": "libva-devel-2.20.0-150400.3.5.1.s390x",
"product_id": "libva-devel-2.20.0-150400.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150400.3.5.1.s390x",
"product": {
"name": "libva-drm2-2.20.0-150400.3.5.1.s390x",
"product_id": "libva-drm2-2.20.0-150400.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150400.3.5.1.s390x",
"product": {
"name": "libva-gl-devel-2.20.0-150400.3.5.1.s390x",
"product_id": "libva-gl-devel-2.20.0-150400.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150400.3.5.1.s390x",
"product": {
"name": "libva-glx2-2.20.0-150400.3.5.1.s390x",
"product_id": "libva-glx2-2.20.0-150400.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150400.3.5.1.s390x",
"product": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.s390x",
"product_id": "libva-wayland2-2.20.0-150400.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150400.3.5.1.s390x",
"product": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.s390x",
"product_id": "libva-x11-2-2.20.0-150400.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150400.3.5.1.s390x",
"product": {
"name": "libva2-2.20.0-150400.3.5.1.s390x",
"product_id": "libva2-2.20.0-150400.3.5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-devel-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-devel-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-devel-32bit-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-devel-32bit-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-devel-32bit-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-drm2-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-drm2-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-drm2-32bit-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-drm2-32bit-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-drm2-32bit-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-gl-devel-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-gl-devel-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-32bit-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-gl-devel-32bit-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-gl-devel-32bit-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-glx2-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-glx2-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-glx2-32bit-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-glx2-32bit-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-glx2-32bit-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-wayland2-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-32bit-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-wayland2-32bit-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-wayland2-32bit-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-x11-2-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-32bit-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva-x11-2-32bit-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva-x11-2-32bit-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva2-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva2-2.20.0-150400.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva2-32bit-2.20.0-150400.3.5.1.x86_64",
"product": {
"name": "libva2-32bit-2.20.0-150400.3.5.1.x86_64",
"product_id": "libva2-32bit-2.20.0-150400.3.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.s390x"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.s390x"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.s390x"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.s390x"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.s390x"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.ppc64le"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150400.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.x86_64"
},
"product_reference": "libva2-2.20.0-150400.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39929"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39929",
"url": "https://www.suse.com/security/cve/CVE-2023-39929"
},
{
"category": "external",
"summary": "SUSE Bug 1224413 for CVE-2023-39929",
"url": "https://bugzilla.suse.com/1224413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libva2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-devel-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-drm2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-wayland2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva-x11-2-2.20.0-150400.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libva2-2.20.0-150400.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-05T07:43:59Z",
"details": "moderate"
}
],
"title": "CVE-2023-39929"
}
]
}
SUSE-SU-2025:1453-1
Vulnerability from csaf_suse - Published: 2025-05-05 07:44 - Updated: 2025-05-05 07:44Summary
Security update for libva
Severity
Moderate
Notes
Title of the patch: Security update for libva
Description of the patch: This update for libva fixes the following issues:
Update to libva version 2.20.0, which includes security fix for:
* CVE-2023-39929: uncontrolled search path may allow an authenticated user to
escalate privilege via local access (bsc#1224413, jsc#PED-11066)
This includes latest version of one of the components needed for Video
(processing) hardware support on Intel GPUs (bsc#1217770)
Update to version 2.20.0:
* av1: Revise offsets comments for av1 encode
* drm:
- Limit the array size to avoid out of range
- Remove no longer used helpers
* jpeg: add support for crop and partial decode
* trace:
- Add trace for vaExportSurfaceHandle
- Unlock mutex before return
- Fix minor issue about printf data type and value range
* va/backend:
- Annotate vafool as deprecated
- Document the vaGetDriver* APIs
* va/x11/va_fglrx: Remove some dead code
* va/x11/va_nvctrl: Remove some dead code
* va:
- Add new VADecodeErrorType to indicate the reset happended in
the driver
- Add vendor string on va_TraceInitialize
- Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)
- Drop no longer applicable vaGetDriverNames check
- Fix:don't leak driver names, when override is set
- Fix:set driver number to be zero if vaGetDriverNames failed
- Optimize code of getting driver name for all protocols/os
(wayland,x11,drm,win32,android)
- Remove legacy code paths
- Remove unreachable 'DRIVER BUG'
* x11/dri2: limit the array handling to avoid out of range access
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var
- Implement vaGetDriverNames
- Remove legacy code paths
Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
Update to version 2.18.0:
* doc: Add build and install libva informatio in home page.
* fix:
- Add libva.def into distribution package
- NULL check before calling strncmp.
- Remove reference to non-existent symbol
* meson: docs:
- Add encoder interface for av1
- Use libva_version over project_version()
* va:
- Add VAProfileH264High10
- Always build with va-messaging API
- Fix the codying style of CHECK_DISPLAY
- Remove Android pre Jelly Bean workarounds
- Remove dummy isValid() hook
- Remove unused drm_sarea.h include & ANDROID references in
va_dricommon.h
- va/sysdeps.h: remove Android section
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var
- Use LIBVA_DRI3_DISABLE in GetNumCandidates
- Add libva-wayland to baselibs.conf, now that its build have moved
to the main part of spec, source validator should no longer
complain on SLE.
Update to 2.17.0:
* win: Simplify signature for driver name loading
* win: Rewrite driver registry query and fix some
bugs/leaks/inefficiencies
* win: Add missing null check after calloc
* va: Update security disclaimer
* dep:remove the file .cvsignore
* pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx
* meson: add 'with-legacy' for emgd, nvctrl and fglrx
* x11: move all FGLRX code to va_fglrx.c
* x11: move all NVCTRL code to va_nvctrl.c
* meson: stop using deprecated meson.source_root()
* meson: stop using configure_file copy=true
* va: correctly include the win32 (local) headers
* win: clean-up the coding style
* va: dos2unix all the files
* drm: remove unnecessary dri2 version/extension query
* trace: annotate internal functions with DLL_HIDDEN
* build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_
support level attribute instead
* meson: Check support for -Wl,-version-script and build link_args
accordingly
* meson: Set va_win32 soversion to '' and remove the install_data rename
* fix: resouce check null
* va_trace: Add Win32 memory types in va_TraceSurfaceAttributes
* va_trace: va_TraceSurfaceAttributes should check the
VASurfaceAttribMemoryType
* va: Adds Win32 Node and Windows build support
* va: Adds compat_win32 abstraction for Windows build and prepares va
common code for windows build
* pkgconfig: Add Win32 package for when WITH_WIN32 is enabled
* meson: Add with_win32 option, makes libdrm non-mandatory on Win
* x11: add basic DRI3 support
* drm: remove VA_DRM_IsRenderNodeFd() helper
* drm: add radeon drm + radeonsi mesa combo
Patchnames: SUSE-2025-1453,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1453,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1453,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1453,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1453
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Affected products
Recommended
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
10 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2025… | self |
| https://bugzilla.suse.com/1202828 | self |
| https://bugzilla.suse.com/1217770 | self |
| https://bugzilla.suse.com/1224413 | self |
| https://www.suse.com/security/cve/CVE-2023-39929/ | self |
| https://www.suse.com/security/cve/CVE-2023-39929 | external |
| https://bugzilla.suse.com/1224413 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libva",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libva fixes the following issues:\n\nUpdate to libva version 2.20.0, which includes security fix for:\n\n* CVE-2023-39929: uncontrolled search path may allow an authenticated user to\n escalate privilege via local access (bsc#1224413, jsc#PED-11066)\n\nThis includes latest version of one of the components needed for Video\n(processing) hardware support on Intel GPUs (bsc#1217770)\n\nUpdate to version 2.20.0:\n\n * av1: Revise offsets comments for av1 encode\n * drm:\n\n - Limit the array size to avoid out of range\n - Remove no longer used helpers\n\n * jpeg: add support for crop and partial decode\n * trace:\n\n - Add trace for vaExportSurfaceHandle\n - Unlock mutex before return\n - Fix minor issue about printf data type and value range\n\n * va/backend:\n\n - Annotate vafool as deprecated\n - Document the vaGetDriver* APIs\n\n * va/x11/va_fglrx: Remove some dead code\n * va/x11/va_nvctrl: Remove some dead code\n * va:\n\n - Add new VADecodeErrorType to indicate the reset happended in\n the driver\n - Add vendor string on va_TraceInitialize\n - Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)\n - Drop no longer applicable vaGetDriverNames check\n - Fix:don\u0027t leak driver names, when override is set\n - Fix:set driver number to be zero if vaGetDriverNames failed\n - Optimize code of getting driver name for all protocols/os\n (wayland,x11,drm,win32,android)\n - Remove legacy code paths\n - Remove unreachable \u0027DRIVER BUG\u0027\n\n * x11/dri2: limit the array handling to avoid out of range access\n * x11:\n\n - Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var\n - Implement vaGetDriverNames\n - Remove legacy code paths\n\nUpdate to 2.19.0:\n\n * add: Add mono_chrome to VAEncSequenceParameterBufferAV1\n * add: Enable support for license acquisition of multiple protected\n playbacks\n * fix: use secure_getenv instead of getenv\n * trace: Improve and add VA trace log for AV1 encode\n * trace: Unify va log message, replace va_TracePrint with va_TraceMsg.\n\nUpdate to version 2.18.0:\n\n * doc: Add build and install libva informatio in home page.\n * fix:\n\n - Add libva.def into distribution package\n - NULL check before calling strncmp.\n - Remove reference to non-existent symbol\n\n * meson: docs:\n\n - Add encoder interface for av1\n - Use libva_version over project_version()\n\n * va:\n\n - Add VAProfileH264High10\n - Always build with va-messaging API\n - Fix the codying style of CHECK_DISPLAY\n - Remove Android pre Jelly Bean workarounds\n - Remove dummy isValid() hook\n - Remove unused drm_sarea.h include \u0026 ANDROID references in\n va_dricommon.h\n - va/sysdeps.h: remove Android section\n * x11:\n - Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var\n\n - Use LIBVA_DRI3_DISABLE in GetNumCandidates\n\n- Add libva-wayland to baselibs.conf, now that its build have moved\n to the main part of spec, source validator should no longer\n complain on SLE.\n\nUpdate to 2.17.0:\n\n * win: Simplify signature for driver name loading\n * win: Rewrite driver registry query and fix some\n bugs/leaks/inefficiencies\n * win: Add missing null check after calloc\n * va: Update security disclaimer\n * dep:remove the file .cvsignore\n * pkgconfig: add \u0027with-legacy\u0027 for emgd, nvctrl and fglrx\n * meson: add \u0027with-legacy\u0027 for emgd, nvctrl and fglrx\n * x11: move all FGLRX code to va_fglrx.c\n * x11: move all NVCTRL code to va_nvctrl.c\n * meson: stop using deprecated meson.source_root()\n * meson: stop using configure_file copy=true\n * va: correctly include the win32 (local) headers\n * win: clean-up the coding style\n * va: dos2unix all the files\n * drm: remove unnecessary dri2 version/extension query\n * trace: annotate internal functions with DLL_HIDDEN\n * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_\n support level attribute instead\n * meson: Check support for -Wl,-version-script and build link_args\n accordingly\n * meson: Set va_win32 soversion to \u0027\u0027 and remove the install_data rename\n * fix: resouce check null\n * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes\n * va_trace: va_TraceSurfaceAttributes should check the\n VASurfaceAttribMemoryType\n * va: Adds Win32 Node and Windows build support\n * va: Adds compat_win32 abstraction for Windows build and prepares va\n common code for windows build\n * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled\n * meson: Add with_win32 option, makes libdrm non-mandatory on Win\n * x11: add basic DRI3 support\n * drm: remove VA_DRM_IsRenderNodeFd() helper\n * drm: add radeon drm + radeonsi mesa combo\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1453,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1453,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1453,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1453,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1453",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1453-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1453-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251453-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1453-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039140.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202828",
"url": "https://bugzilla.suse.com/1202828"
},
{
"category": "self",
"summary": "SUSE Bug 1217770",
"url": "https://bugzilla.suse.com/1217770"
},
{
"category": "self",
"summary": "SUSE Bug 1224413",
"url": "https://bugzilla.suse.com/1224413"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39929 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39929/"
}
],
"title": "Security update for libva",
"tracking": {
"current_release_date": "2025-05-05T07:44:16Z",
"generator": {
"date": "2025-05-05T07:44:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1453-1",
"initial_release_date": "2025-05-05T07:44:16Z",
"revision_history": [
{
"date": "2025-05-05T07:44:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150500.3.5.1.aarch64",
"product": {
"name": "libva-devel-2.20.0-150500.3.5.1.aarch64",
"product_id": "libva-devel-2.20.0-150500.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150500.3.5.1.aarch64",
"product": {
"name": "libva-drm2-2.20.0-150500.3.5.1.aarch64",
"product_id": "libva-drm2-2.20.0-150500.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150500.3.5.1.aarch64",
"product": {
"name": "libva-gl-devel-2.20.0-150500.3.5.1.aarch64",
"product_id": "libva-gl-devel-2.20.0-150500.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150500.3.5.1.aarch64",
"product": {
"name": "libva-glx2-2.20.0-150500.3.5.1.aarch64",
"product_id": "libva-glx2-2.20.0-150500.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"product": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"product_id": "libva-wayland2-2.20.0-150500.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"product": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"product_id": "libva-x11-2-2.20.0-150500.3.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150500.3.5.1.aarch64",
"product": {
"name": "libva2-2.20.0-150500.3.5.1.aarch64",
"product_id": "libva2-2.20.0-150500.3.5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-devel-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product_id": "libva-devel-64bit-2.20.0-150500.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-drm2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-drm2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product_id": "libva-drm2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-gl-devel-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product_id": "libva-gl-devel-64bit-2.20.0-150500.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-glx2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-glx2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product_id": "libva-glx2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-wayland2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-wayland2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product_id": "libva-wayland2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-x11-2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product": {
"name": "libva-x11-2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product_id": "libva-x11-2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product": {
"name": "libva2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32",
"product_id": "libva2-64bit-2.20.0-150500.3.5.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150500.3.5.1.i586",
"product": {
"name": "libva-devel-2.20.0-150500.3.5.1.i586",
"product_id": "libva-devel-2.20.0-150500.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150500.3.5.1.i586",
"product": {
"name": "libva-drm2-2.20.0-150500.3.5.1.i586",
"product_id": "libva-drm2-2.20.0-150500.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150500.3.5.1.i586",
"product": {
"name": "libva-gl-devel-2.20.0-150500.3.5.1.i586",
"product_id": "libva-gl-devel-2.20.0-150500.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150500.3.5.1.i586",
"product": {
"name": "libva-glx2-2.20.0-150500.3.5.1.i586",
"product_id": "libva-glx2-2.20.0-150500.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150500.3.5.1.i586",
"product": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.i586",
"product_id": "libva-wayland2-2.20.0-150500.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150500.3.5.1.i586",
"product": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.i586",
"product_id": "libva-x11-2-2.20.0-150500.3.5.1.i586"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150500.3.5.1.i586",
"product": {
"name": "libva2-2.20.0-150500.3.5.1.i586",
"product_id": "libva2-2.20.0-150500.3.5.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150500.3.5.1.ppc64le",
"product": {
"name": "libva-devel-2.20.0-150500.3.5.1.ppc64le",
"product_id": "libva-devel-2.20.0-150500.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"product": {
"name": "libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"product_id": "libva-drm2-2.20.0-150500.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150500.3.5.1.ppc64le",
"product": {
"name": "libva-gl-devel-2.20.0-150500.3.5.1.ppc64le",
"product_id": "libva-gl-devel-2.20.0-150500.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150500.3.5.1.ppc64le",
"product": {
"name": "libva-glx2-2.20.0-150500.3.5.1.ppc64le",
"product_id": "libva-glx2-2.20.0-150500.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"product": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"product_id": "libva-wayland2-2.20.0-150500.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"product": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"product_id": "libva-x11-2-2.20.0-150500.3.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150500.3.5.1.ppc64le",
"product": {
"name": "libva2-2.20.0-150500.3.5.1.ppc64le",
"product_id": "libva2-2.20.0-150500.3.5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150500.3.5.1.s390x",
"product": {
"name": "libva-devel-2.20.0-150500.3.5.1.s390x",
"product_id": "libva-devel-2.20.0-150500.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150500.3.5.1.s390x",
"product": {
"name": "libva-drm2-2.20.0-150500.3.5.1.s390x",
"product_id": "libva-drm2-2.20.0-150500.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150500.3.5.1.s390x",
"product": {
"name": "libva-gl-devel-2.20.0-150500.3.5.1.s390x",
"product_id": "libva-gl-devel-2.20.0-150500.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150500.3.5.1.s390x",
"product": {
"name": "libva-glx2-2.20.0-150500.3.5.1.s390x",
"product_id": "libva-glx2-2.20.0-150500.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150500.3.5.1.s390x",
"product": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.s390x",
"product_id": "libva-wayland2-2.20.0-150500.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150500.3.5.1.s390x",
"product": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.s390x",
"product_id": "libva-x11-2-2.20.0-150500.3.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150500.3.5.1.s390x",
"product": {
"name": "libva2-2.20.0-150500.3.5.1.s390x",
"product_id": "libva2-2.20.0-150500.3.5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-devel-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-devel-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-devel-32bit-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-devel-32bit-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-devel-32bit-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-drm2-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-drm2-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-drm2-32bit-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-drm2-32bit-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-drm2-32bit-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-gl-devel-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-gl-devel-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-32bit-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-gl-devel-32bit-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-gl-devel-32bit-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-glx2-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-glx2-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-glx2-32bit-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-glx2-32bit-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-glx2-32bit-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-wayland2-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-32bit-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-wayland2-32bit-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-wayland2-32bit-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-x11-2-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-32bit-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva-x11-2-32bit-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva-x11-2-32bit-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva2-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva2-2.20.0-150500.3.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libva2-32bit-2.20.0-150500.3.5.1.x86_64",
"product": {
"name": "libva2-32bit-2.20.0-150500.3.5.1.x86_64",
"product_id": "libva2-32bit-2.20.0-150500.3.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.s390x"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.s390x"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.s390x"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.s390x"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.s390x"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-devel-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-drm2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-wayland2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.ppc64le"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-150500.3.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.x86_64"
},
"product_reference": "libva2-2.20.0-150500.3.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39929"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39929",
"url": "https://www.suse.com/security/cve/CVE-2023-39929"
},
{
"category": "external",
"summary": "SUSE Bug 1224413 for CVE-2023-39929",
"url": "https://bugzilla.suse.com/1224413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libva2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-devel-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-drm2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-wayland2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva-x11-2-2.20.0-150500.3.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libva2-2.20.0-150500.3.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-05T07:44:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-39929"
}
]
}
SUSE-SU-2025:1477-1
Vulnerability from csaf_suse - Published: 2025-05-06 09:17 - Updated: 2025-05-06 09:17Summary
Security update for libva
Severity
Moderate
Notes
Title of the patch: Security update for libva
Description of the patch: This update for libva fixes the following issues:
Update to libva version 2.20.0, which includes security fix for:
* uncontrolled search path may allow an authenticated user to
escalate privilege via local access (CVE-2023-39929,
bsc#1224413, jsc#PED-11066)
This includes latest version of one of the components needed for Video
(processing) hardware support on Intel GPUs (bsc#1217770)
Update to version 2.20.0:
* av1: Revise offsets comments for av1 encode
* drm:
- Limit the array size to avoid out of range
- Remove no longer used helpers
* jpeg: add support for crop and partial decode
* trace:
- Add trace for vaExportSurfaceHandle
- Unlock mutex before return
- Fix minor issue about printf data type and value range
* va/backend:
- Annotate vafool as deprecated
- Document the vaGetDriver* APIs
* va/x11/va_fglrx: Remove some dead code
* va/x11/va_nvctrl: Remove some dead code
* va:
- Add new VADecodeErrorType to indicate the reset happended in
the driver
- Add vendor string on va_TraceInitialize
- Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)
- Drop no longer applicable vaGetDriverNames check
- Fix:don't leak driver names, when override is set
- Fix:set driver number to be zero if vaGetDriverNames failed
- Optimize code of getting driver name for all protocols/os
(wayland,x11,drm,win32,android)
- Remove legacy code paths
- Remove unreachable 'DRIVER BUG'
* win32:
- Only print win32 driver messages in DEBUG builds
- Remove duplicate adapter_luid entry
* x11/dri2: limit the array handling to avoid out of range access
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var
- Implement vaGetDriverNames
- Remove legacy code paths
Update to 2.19.0:
* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.
Update to version 2.18.0:
* doc: Add build and install libva informatio in home page.
* fix:
- Add libva.def into distribution package
- NULL check before calling strncmp.
- Remove reference to non-existent symbol
* meson: docs:
- Add encoder interface for av1
- Use libva_version over project_version()
* va:
- Add VAProfileH264High10
- Always build with va-messaging API
- Fix the codying style of CHECK_DISPLAY
- Remove Android pre Jelly Bean workarounds
- Remove dummy isValid() hook
- Remove unused drm_sarea.h include & ANDROID references in
va_dricommon.h
- va/sysdeps.h: remove Android section
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var
- Use LIBVA_DRI3_DISABLE in GetNumCandidates
Update to 2.17.0:
* win: Simplify signature for driver name loading
* win: Rewrite driver registry query and fix some
bugs/leaks/inefficiencies
* win: Add missing null check after calloc
* va: Update security disclaimer
* dep:remove the file .cvsignore
* pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx
* meson: add 'with-legacy' for emgd, nvctrl and fglrx
* x11: move all FGLRX code to va_fglrx.c
* x11: move all NVCTRL code to va_nvctrl.c
* meson: stop using deprecated meson.source_root()
* meson: stop using configure_file copy=true
* va: correctly include the win32 (local) headers
* win: clean-up the coding style
* va: dos2unix all the files
* drm: remove unnecessary dri2 version/extension query
* trace: annotate internal functions with DLL_HIDDEN
* build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_
support level attribute instead
* meson: Check support for -Wl,-version-script and build link_args
accordingly
* meson: Set va_win32 soversion to '' and remove the install_data rename
* fix: resouce check null
* va_trace: Add Win32 memory types in va_TraceSurfaceAttributes
* va_trace: va_TraceSurfaceAttributes should check the
VASurfaceAttribMemoryType
* va: Adds Win32 Node and Windows build support
* va: Adds compat_win32 abstraction for Windows build and prepares va
common code for windows build
* pkgconfig: Add Win32 package for when WITH_WIN32 is enabled
* meson: Add with_win32 option, makes libdrm non-mandatory on Win
* x11: add basic DRI3 support
* drm: remove VA_DRM_IsRenderNodeFd() helper
* drm: add radeon drm + radeonsi mesa combo
Needed for jira#PED-1174 (Video decoding/encoding support (VA-API,
...) for Intel GPUs is outside of Mesa)
update to 2.16.0:
* add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.
* dep: Update README.md to remove badge links
* dep: Removed waffle-io badge from README to fix broken link
* dep: Drop mailing list, IRC and Slack
* autotools: use wayland-scanner private-code
* autotools: use the wayland-scanner.pc to locate the prog
* meson: use wayland-scanner private-code
* meson: request native wayland-scanner
* meson: use the wayland-scanner.pc to locate the prog
* meson: set HAVE_VA_X11 when applicable
* style:Correct slight coding style in several new commits
* trace: add Linux ftrace mode for va trace
* trace: Add missing pthread_mutex_destroy
* drm: remove no-longer needed X == X mappings
* drm: fallback to drm driver name == va driver name
* drm: simplify the mapping table
* x11: simplify the mapping table
Update to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2
Release 22.4.4
Update to 2.15.0:
* Add: new display HW attribute to report PCI ID
* Add: sample depth related parameters for AV1e
* Add: refresh_frame_flags for AV1e
* Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC.
* Add: nvidia-drm to the drm driver map
* Add: type and buffer for delta qp per block
* Deprecation: remove the va_fool support
* Fix:Correct the version of meson build on master branch
* Fix:X11 DRI2: check if device is a render node
* Build:Use also strong stack protection if supported
* Trace:print the string for profile/entrypoint/configattrib
Update to 2.14.0:
* add: Add av1 encode interfaces
* add: VA/X11 VAAPI driver mapping for crocus DRI driver
* doc: Add description of the fd management for surface importing
* ci: fix freebsd build
* meson: Copy public headers to build directory to support subproject
Update to 2.13.0:
* add new surface format fourcc XYUV
* Fix av1 dec doc page link issue
* unify the code styles using the style_unify script
* Check the function pointer before using (fixes github issue#536)
* update NEWS for 2.13.0
update to 2.12.0:
* add: Report the capability of vaCopy support
* add: Report the capability of sub device
* add: Add config attributes to advertise HEVC/H.265 encoder features
* add: Video processing HVS Denoise: Added 4 modes
* add: Introduce VASurfaceAttribDRMFormatModifiers
* add: Add 3DLUT Filter in Video Processing.
* doc: Update log2_tile_column description for vp9enc
* trace: Correct av1 film grain trace information
* ci: Fix freebsd build by switching to vmactions/freebsd-vm@v0.1.3
update to 2.11.0:
* add: LibVA Protected Content API
* add: Add a configuration attribute to advertise AV1d LST feature
* fix: wayland: don't try to authenticate with render nodes
* autotools: use shell grouping instead of sed to prepend a line
* trace: Add details data dump for mpeg2 IQ matrix.
* doc: update docs for VASurfaceAttribPixelFormat
* doc: Libva documentation edit for AV1 reference frames
* doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment
* doc: Remove tile_rows and tile_cols restriction to match AV1 spec
* doc: Format code for doxygen output
* doc: AV1 decode documentation edit for superres_scale_denominator
* ci: upgrade FreeBSD to 12.2
* ci: disable travis build
* ci: update cache before attempting to install packages
* ci: avoid running workloads on other workloads changes
* ci: enable github actions
update to 2.10.0:
* add: Pass offset and size of pred_weight_table
* add: add vaCopy interface to copy surface and buffer
* add: add definition for different execution
* add: New parameters for transport controlled BRC were added
* add: add FreeBSD support
* add: add a bufer type to adjust context priority dynamically
* fix: correct the api version in meson.build
* fix: remove deprecated variable from va_trace.c
* fix: Use va_deprecated for the deprecate variable
* fix: Mark chroma_sample_position as deprecated
* doc: va_dec_av1: clarifies CDEF syntax element packing
* doc: [AV1] Update documented ranges for loop filter and quantization params.
* doc: Update va.h for multi-threaded usages
* trace: va/va_trace: ignore system gettid() on Linux
Update to 2.9.1:
* fix version mismatch between meson and autotools
Update to 2.9.0:
* trace: Refine the va_TraceVAPictureParameterBufferAV1.
* doc: Add comments for backward/forward reference to avoid confusion
* doc: Modify comments in av1 decoder interfaces
* doc: Update mailing list
* Add SCC fields trace for HEVC SCC encoding.
* Add FOURCC code for Y212 and Y412 format.
* Add interpolation method for scaling.
* add attributes for context priority setting
* Add vaSyncBuffer for output buffers synchronization
* Add vaSyncSurface2 with timeout
Update to 2.8.0:
* trace: enable return value trace for successful function call
* trace: divide va_TraceEndPicture to two seperate function
* trace: add support for VAProfileHEVCSccMain444_10
* fix:Fixes file descriptor leak
* add fourcc code for P012 format
* travis: Add a test that code files don't have the exec bit set
* Remove the execute bit from all source code files
* meson: Allow for libdir and includedir to be absolute paths
* trace: Fix format string warnings
* fix:Fix clang warning (reading garbage)
* add definition to enforce both reflist not empty
* trace: List correct field names in va_TraceVAPictureParameterBufferHEVC
* change the return value to be UNIMPLEMENTED when the function pointer is NULL
* remove check of vaPutSurface implementation
* Add new slice structure flag for CAPS reporting
* VA/X11: VAAPI driver mapping for iris DRI driver
* VA/X11: enable driver candidate selection for DRI2
* Add SCC flags to enable/disable features
* fix: Fix HDR10 MaxCLL and MaxFALL documentation
* Add VAProfileHEVCSccMain444_10 for HEVC
* change the compatible list to be dynamic one
* trace:Convert VAProfileAV1Profile0 VAProfileAV1Profile1 to string
Update to version 2.7.0:
* trace: av1 decode buffers trace
* trace: Add HEVC REXT and SCC trace for decoding.
* Add av1 decode interfaces
* Fix crashes on system without supported hardware by PR #369.
* Add 2 FourCC for 10bit RGB(without Alpha) format: X2R10G10B10
and X2B10G10R10.
* Fix android build issue #365 and remove some trailing
whitespace
* Adjust call sequence to ensure authenticate operation is
executed to fix #355
Update to version 2.6.1:
* adjust call sequence to ensure authenticate operation is
executed this patch is not needed for media-driver, but
needed for i965 driver which check authentication.
Update to version 2.6.0:
* enable the mutiple driver selection logic and enable it for DRM.
* drm: Add iHD to driver_name_map
* Add missed slice parameter 'slice_data_num_emu_prevn_bytes'
* ensure that all meson files are part of the release tarball
* configure: use correct comparison operator
* trace: support VAConfigAttribMultipleFrame in trace
* remove incorrect field of VAConfigAttribValDecJPEG
* va/va_trace: Dump VP9 parameters for profile 1~3
* add multiple frame capability report
* add variable to indicate layer infromation
* trace: fix memory leak on closing the trace
* add prediction direction caps report
* Add comments for colour primaries and transfer characteristics in VAProcColorProperties
This release is needed for latest intel-media-driver update (jsc#SLE-8838)
Update to version 2.5.0:
* Correct the comment of color_range.
* Add VA_FOURCC_A2B10G10R10 for format a2b10g10r10.
* Adjust VAEncMiscParameterQuantization structure to be align with VAEncMiscParameterBuffer(possible to impact BC)
* Add attribute for max frame size
* Add va_footer.html into distribution build
* va_trace: hevc profiles added
* Add new definition for input/output surface flag
* va/va_trace: add trace support for VAEncMiscParameterTypeSkipFrame structure.
* va/va_trace: add MPEG2 trace support for MiscParam and SequenceParam
* va_openDriver: check strdup return value
* Mark some duplicated field as deprecated
* Add return value into logs
* va/va_trace: add trace support for VAEncMiscParameterEncQuality structure.
* Add newformat foucc defination
* va_backend: remove unneeded linux/videodev2.h include
* va_trace: add missing <sys/time.h> include
* configure: don't build glx if VA/X11 isn't built
* va/va_trace: unbreak with C89 after b369467
* [common] Add A2RGB10 fourcc definition
* build: meson: enables va messaging and visibility
* va/va_trace: add trace support for RIR(rolling intra refresh).
* va/va_trace: add trace support for ROI(region of interest)
Update to version 2.4.1:
* [common] Add A2RGB10 fourcc definition.
* build: meson: enables va messaging and visibility.
* va/va_trace:
- Add trace support for RIR(rolling intra refresh).
- Add trace support for ROI(region of interest).
Update to version 2.4.0:
* va_TraceSurface support for VA_FOURCC_P010
* Add pointer to struct wl_interface for driver to use
* (integrate) va: fix new line symbol in error message
* av: avoid driver path truncation
* Fix compilation warning (uninit and wrong variable types) for
Android O MR1
* Allow import of the DRM PRIME 2 memory type
* android: ignore unimportant compile warnnings
* compile: fix sign/unsign compare in va_trace.c
* android: replace utils/Log.h with log/log.h
* High Dynamic Range Tone Mapping: Add a new filter for input
metadata and some comments
* Remove restrictions on vaSetDriverName()
Patchnames: SUSE-2025-1477,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1477,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1477
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
10 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-security-upd… | self |
| https://bugzilla.suse.com/1202828 | self |
| https://bugzilla.suse.com/1217770 | self |
| https://bugzilla.suse.com/1224413 | self |
| https://www.suse.com/security/cve/CVE-2023-39929/ | self |
| https://www.suse.com/security/cve/CVE-2023-39929 | external |
| https://bugzilla.suse.com/1224413 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libva",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libva fixes the following issues:\n\nUpdate to libva version 2.20.0, which includes security fix for:\n\n* uncontrolled search path may allow an authenticated user to\n escalate privilege via local access (CVE-2023-39929,\n bsc#1224413, jsc#PED-11066)\n\nThis includes latest version of one of the components needed for Video\n(processing) hardware support on Intel GPUs (bsc#1217770)\n\nUpdate to version 2.20.0:\n\n * av1: Revise offsets comments for av1 encode\n * drm:\n - Limit the array size to avoid out of range\n - Remove no longer used helpers\n * jpeg: add support for crop and partial decode\n * trace:\n - Add trace for vaExportSurfaceHandle\n - Unlock mutex before return\n - Fix minor issue about printf data type and value range\n * va/backend:\n - Annotate vafool as deprecated\n - Document the vaGetDriver* APIs\n * va/x11/va_fglrx: Remove some dead code\n * va/x11/va_nvctrl: Remove some dead code\n * va:\n - Add new VADecodeErrorType to indicate the reset happended in\n the driver\n - Add vendor string on va_TraceInitialize\n - Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)\n - Drop no longer applicable vaGetDriverNames check\n - Fix:don\u0027t leak driver names, when override is set\n - Fix:set driver number to be zero if vaGetDriverNames failed\n - Optimize code of getting driver name for all protocols/os\n (wayland,x11,drm,win32,android)\n - Remove legacy code paths\n - Remove unreachable \u0027DRIVER BUG\u0027\n * win32:\n - Only print win32 driver messages in DEBUG builds\n - Remove duplicate adapter_luid entry\n * x11/dri2: limit the array handling to avoid out of range access\n * x11:\n - Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var\n - Implement vaGetDriverNames\n - Remove legacy code paths\n\nUpdate to 2.19.0:\n\n * add: Add mono_chrome to VAEncSequenceParameterBufferAV1\n * add: Enable support for license acquisition of multiple protected\n playbacks\n * fix: use secure_getenv instead of getenv\n * trace: Improve and add VA trace log for AV1 encode\n * trace: Unify va log message, replace va_TracePrint with va_TraceMsg.\n\nUpdate to version 2.18.0:\n\n * doc: Add build and install libva informatio in home page.\n * fix:\n - Add libva.def into distribution package\n - NULL check before calling strncmp.\n - Remove reference to non-existent symbol\n * meson: docs:\n - Add encoder interface for av1\n - Use libva_version over project_version()\n * va:\n - Add VAProfileH264High10\n - Always build with va-messaging API\n - Fix the codying style of CHECK_DISPLAY\n - Remove Android pre Jelly Bean workarounds\n - Remove dummy isValid() hook\n - Remove unused drm_sarea.h include \u0026 ANDROID references in\n va_dricommon.h\n - va/sysdeps.h: remove Android section\n * x11:\n - Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var\n - Use LIBVA_DRI3_DISABLE in GetNumCandidates\n\nUpdate to 2.17.0:\n\n * win: Simplify signature for driver name loading\n * win: Rewrite driver registry query and fix some\n bugs/leaks/inefficiencies\n * win: Add missing null check after calloc\n * va: Update security disclaimer\n * dep:remove the file .cvsignore\n * pkgconfig: add \u0027with-legacy\u0027 for emgd, nvctrl and fglrx\n * meson: add \u0027with-legacy\u0027 for emgd, nvctrl and fglrx\n * x11: move all FGLRX code to va_fglrx.c\n * x11: move all NVCTRL code to va_nvctrl.c\n * meson: stop using deprecated meson.source_root()\n * meson: stop using configure_file copy=true\n * va: correctly include the win32 (local) headers\n * win: clean-up the coding style\n * va: dos2unix all the files\n * drm: remove unnecessary dri2 version/extension query\n * trace: annotate internal functions with DLL_HIDDEN\n * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_\n support level attribute instead\n * meson: Check support for -Wl,-version-script and build link_args\n accordingly\n * meson: Set va_win32 soversion to \u0027\u0027 and remove the install_data rename\n * fix: resouce check null\n * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes\n * va_trace: va_TraceSurfaceAttributes should check the\n VASurfaceAttribMemoryType\n * va: Adds Win32 Node and Windows build support\n * va: Adds compat_win32 abstraction for Windows build and prepares va\n common code for windows build\n * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled\n * meson: Add with_win32 option, makes libdrm non-mandatory on Win\n * x11: add basic DRI3 support\n * drm: remove VA_DRM_IsRenderNodeFd() helper\n * drm: add radeon drm + radeonsi mesa combo\n\nNeeded for jira#PED-1174 (Video decoding/encoding support (VA-API,\n...) for Intel GPUs is outside of Mesa)\n\nupdate to 2.16.0:\n\n * add: Add HierarchicalFlag \u0026 hierarchical_level_plus1 for AV1e.\n * dep: Update README.md to remove badge links\n * dep: Removed waffle-io badge from README to fix broken link\n * dep: Drop mailing list, IRC and Slack\n * autotools: use wayland-scanner private-code\n * autotools: use the wayland-scanner.pc to locate the prog\n * meson: use wayland-scanner private-code\n * meson: request native wayland-scanner\n * meson: use the wayland-scanner.pc to locate the prog\n * meson: set HAVE_VA_X11 when applicable\n * style:Correct slight coding style in several new commits\n * trace: add Linux ftrace mode for va trace\n * trace: Add missing pthread_mutex_destroy\n * drm: remove no-longer needed X == X mappings\n * drm: fallback to drm driver name == va driver name\n * drm: simplify the mapping table\n * x11: simplify the mapping table\n\nUpdate to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2\nRelease 22.4.4\n\nUpdate to 2.15.0:\n\n * Add: new display HW attribute to report PCI ID\n * Add: sample depth related parameters for AV1e\n * Add: refresh_frame_flags for AV1e\n * Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC.\n * Add: nvidia-drm to the drm driver map\n * Add: type and buffer for delta qp per block\n * Deprecation: remove the va_fool support\n * Fix:Correct the version of meson build on master branch\n * Fix:X11 DRI2: check if device is a render node\n * Build:Use also strong stack protection if supported\n * Trace:print the string for profile/entrypoint/configattrib\n\nUpdate to 2.14.0:\n\n * add: Add av1 encode interfaces\n * add: VA/X11 VAAPI driver mapping for crocus DRI driver\n * doc: Add description of the fd management for surface importing\n * ci: fix freebsd build\n * meson: Copy public headers to build directory to support subproject\n \nUpdate to 2.13.0:\n\n * add new surface format fourcc XYUV\n * Fix av1 dec doc page link issue\n * unify the code styles using the style_unify script\n * Check the function pointer before using (fixes github issue#536)\n * update NEWS for 2.13.0\n\nupdate to 2.12.0:\n\n * add: Report the capability of vaCopy support\n * add: Report the capability of sub device\n * add: Add config attributes to advertise HEVC/H.265 encoder features\n * add: Video processing HVS Denoise: Added 4 modes\n * add: Introduce VASurfaceAttribDRMFormatModifiers\n * add: Add 3DLUT Filter in Video Processing.\n * doc: Update log2_tile_column description for vp9enc\n * trace: Correct av1 film grain trace information\n * ci: Fix freebsd build by switching to vmactions/freebsd-vm@v0.1.3\n\nupdate to 2.11.0:\n\n * add: LibVA Protected Content API\n * add: Add a configuration attribute to advertise AV1d LST feature\n * fix: wayland: don\u0027t try to authenticate with render nodes\n * autotools: use shell grouping instead of sed to prepend a line\n * trace: Add details data dump for mpeg2 IQ matrix.\n * doc: update docs for VASurfaceAttribPixelFormat\n * doc: Libva documentation edit for AV1 reference frames\n * doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment\n * doc: Remove tile_rows and tile_cols restriction to match AV1 spec\n * doc: Format code for doxygen output\n * doc: AV1 decode documentation edit for superres_scale_denominator\n * ci: upgrade FreeBSD to 12.2\n * ci: disable travis build\n * ci: update cache before attempting to install packages\n * ci: avoid running workloads on other workloads changes\n * ci: enable github actions \n\nupdate to 2.10.0:\n\n * add: Pass offset and size of pred_weight_table\n * add: add vaCopy interface to copy surface and buffer\n * add: add definition for different execution\n * add: New parameters for transport controlled BRC were added\n * add: add FreeBSD support\n * add: add a bufer type to adjust context priority dynamically\n * fix: correct the api version in meson.build\n * fix: remove deprecated variable from va_trace.c\n * fix: Use va_deprecated for the deprecate variable\n * fix: Mark chroma_sample_position as deprecated\n * doc: va_dec_av1: clarifies CDEF syntax element packing\n * doc: [AV1] Update documented ranges for loop filter and quantization params.\n * doc: Update va.h for multi-threaded usages\n * trace: va/va_trace: ignore system gettid() on Linux\n \nUpdate to 2.9.1:\n\n * fix version mismatch between meson and autotools \n\nUpdate to 2.9.0:\n\n * trace: Refine the va_TraceVAPictureParameterBufferAV1.\n * doc: Add comments for backward/forward reference to avoid confusion\n * doc: Modify comments in av1 decoder interfaces\n * doc: Update mailing list\n * Add SCC fields trace for HEVC SCC encoding.\n * Add FOURCC code for Y212 and Y412 format.\n * Add interpolation method for scaling.\n * add attributes for context priority setting\n * Add vaSyncBuffer for output buffers synchronization\n * Add vaSyncSurface2 with timeout\n \nUpdate to 2.8.0:\n\n * trace: enable return value trace for successful function call\n * trace: divide va_TraceEndPicture to two seperate function\n * trace: add support for VAProfileHEVCSccMain444_10\n * fix:Fixes file descriptor leak\n * add fourcc code for P012 format\n * travis: Add a test that code files don\u0027t have the exec bit set\n * Remove the execute bit from all source code files\n * meson: Allow for libdir and includedir to be absolute paths\n * trace: Fix format string warnings\n * fix:Fix clang warning (reading garbage)\n * add definition to enforce both reflist not empty\n * trace: List correct field names in va_TraceVAPictureParameterBufferHEVC\n * change the return value to be UNIMPLEMENTED when the function pointer is NULL\n * remove check of vaPutSurface implementation\n * Add new slice structure flag for CAPS reporting\n * VA/X11: VAAPI driver mapping for iris DRI driver\n * VA/X11: enable driver candidate selection for DRI2\n * Add SCC flags to enable/disable features\n * fix: Fix HDR10 MaxCLL and MaxFALL documentation\n * Add VAProfileHEVCSccMain444_10 for HEVC\n * change the compatible list to be dynamic one\n * trace:Convert VAProfileAV1Profile0 VAProfileAV1Profile1 to string\n\nUpdate to version 2.7.0:\n\n * trace: av1 decode buffers trace\n * trace: Add HEVC REXT and SCC trace for decoding.\n * Add av1 decode interfaces\n * Fix crashes on system without supported hardware by PR #369.\n * Add 2 FourCC for 10bit RGB(without Alpha) format: X2R10G10B10\n and X2B10G10R10.\n * Fix android build issue #365 and remove some trailing\n whitespace\n * Adjust call sequence to ensure authenticate operation is\n executed to fix #355\n\nUpdate to version 2.6.1:\n\n * adjust call sequence to ensure authenticate operation is\n executed this patch is not needed for media-driver, but\n needed for i965 driver which check authentication. \n\nUpdate to version 2.6.0:\n\n * enable the mutiple driver selection logic and enable it for DRM.\n * drm: Add iHD to driver_name_map\n * Add missed slice parameter \u0027slice_data_num_emu_prevn_bytes\u0027\n * ensure that all meson files are part of the release tarball\n * configure: use correct comparison operator\n * trace: support VAConfigAttribMultipleFrame in trace\n * remove incorrect field of VAConfigAttribValDecJPEG\n * va/va_trace: Dump VP9 parameters for profile 1~3\n * add multiple frame capability report\n * add variable to indicate layer infromation\n * trace: fix memory leak on closing the trace\n * add prediction direction caps report\n * Add comments for colour primaries and transfer characteristics in VAProcColorProperties\n\nThis release is needed for latest intel-media-driver update (jsc#SLE-8838)\n\nUpdate to version 2.5.0:\n\n * Correct the comment of color_range.\n * Add VA_FOURCC_A2B10G10R10 for format a2b10g10r10.\n * Adjust VAEncMiscParameterQuantization structure to be align with VAEncMiscParameterBuffer(possible to impact BC)\n * Add attribute for max frame size\n * Add va_footer.html into distribution build\n * va_trace: hevc profiles added\n * Add new definition for input/output surface flag\n * va/va_trace: add trace support for VAEncMiscParameterTypeSkipFrame structure.\n * va/va_trace: add MPEG2 trace support for MiscParam and SequenceParam\n * va_openDriver: check strdup return value\n * Mark some duplicated field as deprecated\n * Add return value into logs\n * va/va_trace: add trace support for VAEncMiscParameterEncQuality structure.\n * Add newformat foucc defination\n * va_backend: remove unneeded linux/videodev2.h include\n * va_trace: add missing \u003csys/time.h\u003e include\n * configure: don\u0027t build glx if VA/X11 isn\u0027t built\n * va/va_trace: unbreak with C89 after b369467\n * [common] Add A2RGB10 fourcc definition\n * build: meson: enables va messaging and visibility\n * va/va_trace: add trace support for RIR(rolling intra refresh).\n * va/va_trace: add trace support for ROI(region of interest)\n\nUpdate to version 2.4.1:\n\n * [common] Add A2RGB10 fourcc definition.\n * build: meson: enables va messaging and visibility.\n * va/va_trace:\n - Add trace support for RIR(rolling intra refresh).\n - Add trace support for ROI(region of interest).\n\nUpdate to version 2.4.0:\n\n * va_TraceSurface support for VA_FOURCC_P010\n * Add pointer to struct wl_interface for driver to use\n * (integrate) va: fix new line symbol in error message\n * av: avoid driver path truncation\n * Fix compilation warning (uninit and wrong variable types) for\n Android O MR1\n * Allow import of the DRM PRIME 2 memory type\n * android: ignore unimportant compile warnnings\n * compile: fix sign/unsign compare in va_trace.c\n * android: replace utils/Log.h with log/log.h\n * High Dynamic Range Tone Mapping: Add a new filter for input\n metadata and some comments\n * Remove restrictions on vaSetDriverName()\n\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1477,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1477,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1477",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1477-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1477-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251477-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1477-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020798.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202828",
"url": "https://bugzilla.suse.com/1202828"
},
{
"category": "self",
"summary": "SUSE Bug 1217770",
"url": "https://bugzilla.suse.com/1217770"
},
{
"category": "self",
"summary": "SUSE Bug 1224413",
"url": "https://bugzilla.suse.com/1224413"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39929 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39929/"
}
],
"title": "Security update for libva",
"tracking": {
"current_release_date": "2025-05-06T09:17:15Z",
"generator": {
"date": "2025-05-06T09:17:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1477-1",
"initial_release_date": "2025-05-06T09:17:15Z",
"revision_history": [
{
"date": "2025-05-06T09:17:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-3.3.4.aarch64",
"product": {
"name": "libva-devel-2.20.0-3.3.4.aarch64",
"product_id": "libva-devel-2.20.0-3.3.4.aarch64"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-3.3.4.aarch64",
"product": {
"name": "libva-drm2-2.20.0-3.3.4.aarch64",
"product_id": "libva-drm2-2.20.0-3.3.4.aarch64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-3.3.5.aarch64",
"product": {
"name": "libva-gl-devel-2.20.0-3.3.5.aarch64",
"product_id": "libva-gl-devel-2.20.0-3.3.5.aarch64"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-3.3.5.aarch64",
"product": {
"name": "libva-glx2-2.20.0-3.3.5.aarch64",
"product_id": "libva-glx2-2.20.0-3.3.5.aarch64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-3.3.5.aarch64",
"product": {
"name": "libva-wayland2-2.20.0-3.3.5.aarch64",
"product_id": "libva-wayland2-2.20.0-3.3.5.aarch64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-3.3.4.aarch64",
"product": {
"name": "libva-x11-2-2.20.0-3.3.4.aarch64",
"product_id": "libva-x11-2-2.20.0-3.3.4.aarch64"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-3.3.4.aarch64",
"product": {
"name": "libva2-2.20.0-3.3.4.aarch64",
"product_id": "libva2-2.20.0-3.3.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-64bit-2.20.0-3.3.4.aarch64_ilp32",
"product": {
"name": "libva-devel-64bit-2.20.0-3.3.4.aarch64_ilp32",
"product_id": "libva-devel-64bit-2.20.0-3.3.4.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-drm2-64bit-2.20.0-3.3.4.aarch64_ilp32",
"product": {
"name": "libva-drm2-64bit-2.20.0-3.3.4.aarch64_ilp32",
"product_id": "libva-drm2-64bit-2.20.0-3.3.4.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-64bit-2.20.0-3.3.5.aarch64_ilp32",
"product": {
"name": "libva-gl-devel-64bit-2.20.0-3.3.5.aarch64_ilp32",
"product_id": "libva-gl-devel-64bit-2.20.0-3.3.5.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-glx2-64bit-2.20.0-3.3.5.aarch64_ilp32",
"product": {
"name": "libva-glx2-64bit-2.20.0-3.3.5.aarch64_ilp32",
"product_id": "libva-glx2-64bit-2.20.0-3.3.5.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-wayland2-64bit-2.20.0-3.3.5.aarch64_ilp32",
"product": {
"name": "libva-wayland2-64bit-2.20.0-3.3.5.aarch64_ilp32",
"product_id": "libva-wayland2-64bit-2.20.0-3.3.5.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva-x11-2-64bit-2.20.0-3.3.4.aarch64_ilp32",
"product": {
"name": "libva-x11-2-64bit-2.20.0-3.3.4.aarch64_ilp32",
"product_id": "libva-x11-2-64bit-2.20.0-3.3.4.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libva2-64bit-2.20.0-3.3.4.aarch64_ilp32",
"product": {
"name": "libva2-64bit-2.20.0-3.3.4.aarch64_ilp32",
"product_id": "libva2-64bit-2.20.0-3.3.4.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-3.3.4.i586",
"product": {
"name": "libva-devel-2.20.0-3.3.4.i586",
"product_id": "libva-devel-2.20.0-3.3.4.i586"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-3.3.4.i586",
"product": {
"name": "libva-drm2-2.20.0-3.3.4.i586",
"product_id": "libva-drm2-2.20.0-3.3.4.i586"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-3.3.5.i586",
"product": {
"name": "libva-gl-devel-2.20.0-3.3.5.i586",
"product_id": "libva-gl-devel-2.20.0-3.3.5.i586"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-3.3.5.i586",
"product": {
"name": "libva-glx2-2.20.0-3.3.5.i586",
"product_id": "libva-glx2-2.20.0-3.3.5.i586"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-3.3.5.i586",
"product": {
"name": "libva-wayland2-2.20.0-3.3.5.i586",
"product_id": "libva-wayland2-2.20.0-3.3.5.i586"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-3.3.4.i586",
"product": {
"name": "libva-x11-2-2.20.0-3.3.4.i586",
"product_id": "libva-x11-2-2.20.0-3.3.4.i586"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-3.3.4.i586",
"product": {
"name": "libva2-2.20.0-3.3.4.i586",
"product_id": "libva2-2.20.0-3.3.4.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-3.3.4.ppc64le",
"product": {
"name": "libva-devel-2.20.0-3.3.4.ppc64le",
"product_id": "libva-devel-2.20.0-3.3.4.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-3.3.4.ppc64le",
"product": {
"name": "libva-drm2-2.20.0-3.3.4.ppc64le",
"product_id": "libva-drm2-2.20.0-3.3.4.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-3.3.5.ppc64le",
"product": {
"name": "libva-gl-devel-2.20.0-3.3.5.ppc64le",
"product_id": "libva-gl-devel-2.20.0-3.3.5.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-3.3.5.ppc64le",
"product": {
"name": "libva-glx2-2.20.0-3.3.5.ppc64le",
"product_id": "libva-glx2-2.20.0-3.3.5.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-3.3.5.ppc64le",
"product": {
"name": "libva-wayland2-2.20.0-3.3.5.ppc64le",
"product_id": "libva-wayland2-2.20.0-3.3.5.ppc64le"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-3.3.4.ppc64le",
"product": {
"name": "libva-x11-2-2.20.0-3.3.4.ppc64le",
"product_id": "libva-x11-2-2.20.0-3.3.4.ppc64le"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-3.3.4.ppc64le",
"product": {
"name": "libva2-2.20.0-3.3.4.ppc64le",
"product_id": "libva2-2.20.0-3.3.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-3.3.4.s390",
"product": {
"name": "libva-devel-2.20.0-3.3.4.s390",
"product_id": "libva-devel-2.20.0-3.3.4.s390"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-3.3.4.s390",
"product": {
"name": "libva-drm2-2.20.0-3.3.4.s390",
"product_id": "libva-drm2-2.20.0-3.3.4.s390"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-3.3.5.s390",
"product": {
"name": "libva-gl-devel-2.20.0-3.3.5.s390",
"product_id": "libva-gl-devel-2.20.0-3.3.5.s390"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-3.3.5.s390",
"product": {
"name": "libva-glx2-2.20.0-3.3.5.s390",
"product_id": "libva-glx2-2.20.0-3.3.5.s390"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-3.3.5.s390",
"product": {
"name": "libva-wayland2-2.20.0-3.3.5.s390",
"product_id": "libva-wayland2-2.20.0-3.3.5.s390"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-3.3.4.s390",
"product": {
"name": "libva-x11-2-2.20.0-3.3.4.s390",
"product_id": "libva-x11-2-2.20.0-3.3.4.s390"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-3.3.4.s390",
"product": {
"name": "libva2-2.20.0-3.3.4.s390",
"product_id": "libva2-2.20.0-3.3.4.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-3.3.4.s390x",
"product": {
"name": "libva-devel-2.20.0-3.3.4.s390x",
"product_id": "libva-devel-2.20.0-3.3.4.s390x"
}
},
{
"category": "product_version",
"name": "libva-devel-32bit-2.20.0-3.3.4.s390x",
"product": {
"name": "libva-devel-32bit-2.20.0-3.3.4.s390x",
"product_id": "libva-devel-32bit-2.20.0-3.3.4.s390x"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-3.3.4.s390x",
"product": {
"name": "libva-drm2-2.20.0-3.3.4.s390x",
"product_id": "libva-drm2-2.20.0-3.3.4.s390x"
}
},
{
"category": "product_version",
"name": "libva-drm2-32bit-2.20.0-3.3.4.s390x",
"product": {
"name": "libva-drm2-32bit-2.20.0-3.3.4.s390x",
"product_id": "libva-drm2-32bit-2.20.0-3.3.4.s390x"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-3.3.5.s390x",
"product": {
"name": "libva-gl-devel-2.20.0-3.3.5.s390x",
"product_id": "libva-gl-devel-2.20.0-3.3.5.s390x"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-32bit-2.20.0-3.3.5.s390x",
"product": {
"name": "libva-gl-devel-32bit-2.20.0-3.3.5.s390x",
"product_id": "libva-gl-devel-32bit-2.20.0-3.3.5.s390x"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-3.3.5.s390x",
"product": {
"name": "libva-glx2-2.20.0-3.3.5.s390x",
"product_id": "libva-glx2-2.20.0-3.3.5.s390x"
}
},
{
"category": "product_version",
"name": "libva-glx2-32bit-2.20.0-3.3.5.s390x",
"product": {
"name": "libva-glx2-32bit-2.20.0-3.3.5.s390x",
"product_id": "libva-glx2-32bit-2.20.0-3.3.5.s390x"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-3.3.5.s390x",
"product": {
"name": "libva-wayland2-2.20.0-3.3.5.s390x",
"product_id": "libva-wayland2-2.20.0-3.3.5.s390x"
}
},
{
"category": "product_version",
"name": "libva-wayland2-32bit-2.20.0-3.3.5.s390x",
"product": {
"name": "libva-wayland2-32bit-2.20.0-3.3.5.s390x",
"product_id": "libva-wayland2-32bit-2.20.0-3.3.5.s390x"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-3.3.4.s390x",
"product": {
"name": "libva-x11-2-2.20.0-3.3.4.s390x",
"product_id": "libva-x11-2-2.20.0-3.3.4.s390x"
}
},
{
"category": "product_version",
"name": "libva-x11-2-32bit-2.20.0-3.3.4.s390x",
"product": {
"name": "libva-x11-2-32bit-2.20.0-3.3.4.s390x",
"product_id": "libva-x11-2-32bit-2.20.0-3.3.4.s390x"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-3.3.4.s390x",
"product": {
"name": "libva2-2.20.0-3.3.4.s390x",
"product_id": "libva2-2.20.0-3.3.4.s390x"
}
},
{
"category": "product_version",
"name": "libva2-32bit-2.20.0-3.3.4.s390x",
"product": {
"name": "libva2-32bit-2.20.0-3.3.4.s390x",
"product_id": "libva2-32bit-2.20.0-3.3.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libva-devel-2.20.0-3.3.4.x86_64",
"product": {
"name": "libva-devel-2.20.0-3.3.4.x86_64",
"product_id": "libva-devel-2.20.0-3.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "libva-devel-32bit-2.20.0-3.3.4.x86_64",
"product": {
"name": "libva-devel-32bit-2.20.0-3.3.4.x86_64",
"product_id": "libva-devel-32bit-2.20.0-3.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "libva-drm2-2.20.0-3.3.4.x86_64",
"product": {
"name": "libva-drm2-2.20.0-3.3.4.x86_64",
"product_id": "libva-drm2-2.20.0-3.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "libva-drm2-32bit-2.20.0-3.3.4.x86_64",
"product": {
"name": "libva-drm2-32bit-2.20.0-3.3.4.x86_64",
"product_id": "libva-drm2-32bit-2.20.0-3.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-2.20.0-3.3.5.x86_64",
"product": {
"name": "libva-gl-devel-2.20.0-3.3.5.x86_64",
"product_id": "libva-gl-devel-2.20.0-3.3.5.x86_64"
}
},
{
"category": "product_version",
"name": "libva-gl-devel-32bit-2.20.0-3.3.5.x86_64",
"product": {
"name": "libva-gl-devel-32bit-2.20.0-3.3.5.x86_64",
"product_id": "libva-gl-devel-32bit-2.20.0-3.3.5.x86_64"
}
},
{
"category": "product_version",
"name": "libva-glx2-2.20.0-3.3.5.x86_64",
"product": {
"name": "libva-glx2-2.20.0-3.3.5.x86_64",
"product_id": "libva-glx2-2.20.0-3.3.5.x86_64"
}
},
{
"category": "product_version",
"name": "libva-glx2-32bit-2.20.0-3.3.5.x86_64",
"product": {
"name": "libva-glx2-32bit-2.20.0-3.3.5.x86_64",
"product_id": "libva-glx2-32bit-2.20.0-3.3.5.x86_64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-2.20.0-3.3.5.x86_64",
"product": {
"name": "libva-wayland2-2.20.0-3.3.5.x86_64",
"product_id": "libva-wayland2-2.20.0-3.3.5.x86_64"
}
},
{
"category": "product_version",
"name": "libva-wayland2-32bit-2.20.0-3.3.5.x86_64",
"product": {
"name": "libva-wayland2-32bit-2.20.0-3.3.5.x86_64",
"product_id": "libva-wayland2-32bit-2.20.0-3.3.5.x86_64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-2.20.0-3.3.4.x86_64",
"product": {
"name": "libva-x11-2-2.20.0-3.3.4.x86_64",
"product_id": "libva-x11-2-2.20.0-3.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "libva-x11-2-32bit-2.20.0-3.3.4.x86_64",
"product": {
"name": "libva-x11-2-32bit-2.20.0-3.3.4.x86_64",
"product_id": "libva-x11-2-32bit-2.20.0-3.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "libva2-2.20.0-3.3.4.x86_64",
"product": {
"name": "libva2-2.20.0-3.3.4.x86_64",
"product_id": "libva2-2.20.0-3.3.4.x86_64"
}
},
{
"category": "product_version",
"name": "libva2-32bit-2.20.0-3.3.4.x86_64",
"product": {
"name": "libva2-32bit-2.20.0-3.3.4.x86_64",
"product_id": "libva2-32bit-2.20.0-3.3.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-3.3.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64"
},
"product_reference": "libva-devel-2.20.0-3.3.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-3.3.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le"
},
"product_reference": "libva-devel-2.20.0-3.3.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-3.3.4.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x"
},
"product_reference": "libva-devel-2.20.0-3.3.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64"
},
"product_reference": "libva-devel-2.20.0-3.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-3.3.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64"
},
"product_reference": "libva-drm2-2.20.0-3.3.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-3.3.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le"
},
"product_reference": "libva-drm2-2.20.0-3.3.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-3.3.4.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x"
},
"product_reference": "libva-drm2-2.20.0-3.3.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64"
},
"product_reference": "libva-drm2-2.20.0-3.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-3.3.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64"
},
"product_reference": "libva-x11-2-2.20.0-3.3.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-3.3.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le"
},
"product_reference": "libva-x11-2-2.20.0-3.3.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-3.3.4.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x"
},
"product_reference": "libva-x11-2-2.20.0-3.3.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-3.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-3.3.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64"
},
"product_reference": "libva2-2.20.0-3.3.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-3.3.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le"
},
"product_reference": "libva2-2.20.0-3.3.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-3.3.4.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x"
},
"product_reference": "libva2-2.20.0-3.3.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64"
},
"product_reference": "libva2-2.20.0-3.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-devel-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64"
},
"product_reference": "libva-devel-2.20.0-3.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-drm2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64"
},
"product_reference": "libva-drm2-2.20.0-3.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva-x11-2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64"
},
"product_reference": "libva-x11-2-2.20.0-3.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libva2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64"
},
"product_reference": "libva2-2.20.0-3.3.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39929"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39929",
"url": "https://www.suse.com/security/cve/CVE-2023-39929"
},
{
"category": "external",
"summary": "SUSE Bug 1224413 for CVE-2023-39929",
"url": "https://bugzilla.suse.com/1224413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-06T09:17:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-39929"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…