{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for libva","title":"Title of the patch"},{"category":"description","text":"This update for libva fixes the following issues:\n\nUpdate to libva version 2.20.0, which includes security fix for:\n\n* uncontrolled search path may allow an authenticated user to\n  escalate privilege via local access (CVE-2023-39929,\n  bsc#1224413, jsc#PED-11066)\n\nThis includes latest version of one of the components needed for Video\n(processing) hardware support on Intel GPUs (bsc#1217770)\n\nUpdate to version 2.20.0:\n\n  * av1: Revise offsets comments for av1 encode\n  * drm:\n    - Limit the array size to avoid out of range\n    - Remove no longer used helpers\n  * jpeg: add support for crop and partial decode\n  * trace:\n    - Add trace for vaExportSurfaceHandle\n    - Unlock mutex before return\n    - Fix minor issue about printf data type and value range\n  * va/backend:\n    - Annotate vafool as deprecated\n    - Document the vaGetDriver* APIs\n  * va/x11/va_fglrx: Remove some dead code\n  * va/x11/va_nvctrl: Remove some dead code\n  * va:\n    - Add new VADecodeErrorType to indicate the reset happended in\n      the driver\n    - Add vendor string on va_TraceInitialize\n    - Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)\n    - Drop no longer applicable vaGetDriverNames check\n    - Fix:don't leak driver names, when override is set\n    - Fix:set driver number to be zero if vaGetDriverNames failed\n    - Optimize code of getting driver name for all protocols/os\n      (wayland,x11,drm,win32,android)\n    - Remove legacy code paths\n    - Remove unreachable 'DRIVER BUG'\n  * win32:\n    - Only print win32 driver messages in DEBUG builds\n    - Remove duplicate adapter_luid entry\n  * x11/dri2: limit the array handling to avoid out of range access\n  * x11:\n    - Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var\n    - Implement vaGetDriverNames\n    - Remove legacy code paths\n\nUpdate to 2.19.0:\n\n  * add: Add mono_chrome to VAEncSequenceParameterBufferAV1\n  * add: Enable support for license acquisition of multiple protected\n    playbacks\n  * fix: use secure_getenv instead of getenv\n  * trace: Improve and add VA trace log for AV1 encode\n  * trace: Unify va log message, replace va_TracePrint with va_TraceMsg.\n\nUpdate to version 2.18.0:\n\n  * doc: Add build and install libva informatio in home page.\n  * fix:\n    - Add libva.def into distribution package\n    - NULL check before calling strncmp.\n    - Remove reference to non-existent symbol\n  * meson: docs:\n    - Add encoder interface for av1\n    - Use libva_version over project_version()\n  * va:\n    - Add VAProfileH264High10\n    - Always build with va-messaging API\n    - Fix the codying style of CHECK_DISPLAY\n    - Remove Android pre Jelly Bean workarounds\n    - Remove dummy isValid() hook\n    - Remove unused drm_sarea.h include & ANDROID references in\n      va_dricommon.h\n    - va/sysdeps.h: remove Android section\n  * x11:\n    - Allow disabling DRI3 via LIBVA_DRI3_DISABLe env var\n    - Use LIBVA_DRI3_DISABLE in GetNumCandidates\n\nUpdate to 2.17.0:\n\n  * win: Simplify signature for driver name loading\n  * win: Rewrite driver registry query and fix some\n    bugs/leaks/inefficiencies\n  * win: Add missing null check after calloc\n  * va: Update security disclaimer\n  * dep:remove the file .cvsignore\n  * pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx\n  * meson: add 'with-legacy' for emgd, nvctrl and fglrx\n  * x11: move all FGLRX code to va_fglrx.c\n  * x11: move all NVCTRL code to va_nvctrl.c\n  * meson: stop using deprecated meson.source_root()\n  * meson: stop using configure_file copy=true\n  * va: correctly include the win32 (local) headers\n  * win: clean-up the coding style\n  * va: dos2unix all the files\n  * drm: remove unnecessary dri2 version/extension query\n  * trace: annotate internal functions with DLL_HIDDEN\n  * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_\n    support level attribute instead\n  * meson: Check support for -Wl,-version-script and build link_args\n    accordingly\n  * meson: Set va_win32 soversion to '' and remove the install_data rename\n  * fix: resouce check null\n  * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes\n  * va_trace: va_TraceSurfaceAttributes should check the\n    VASurfaceAttribMemoryType\n  * va: Adds Win32 Node and Windows build support\n  * va: Adds compat_win32 abstraction for Windows build and prepares va\n    common code for windows build\n  * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled\n  * meson: Add with_win32 option, makes libdrm non-mandatory on Win\n  * x11: add basic DRI3 support\n  * drm: remove VA_DRM_IsRenderNodeFd() helper\n  * drm: add radeon drm + radeonsi mesa combo\n\nNeeded for jira#PED-1174 (Video decoding/encoding support (VA-API,\n...) for Intel GPUs is outside of Mesa)\n\nupdate to 2.16.0:\n\n  * add: Add HierarchicalFlag & hierarchical_level_plus1 for AV1e.\n  * dep: Update README.md to remove badge links\n  * dep: Removed waffle-io badge from README to fix broken link\n  * dep: Drop mailing list, IRC and Slack\n  * autotools: use wayland-scanner private-code\n  * autotools: use the wayland-scanner.pc to locate the prog\n  * meson: use wayland-scanner private-code\n  * meson: request native wayland-scanner\n  * meson: use the wayland-scanner.pc to locate the prog\n  * meson: set HAVE_VA_X11 when applicable\n  * style:Correct slight coding style in several new commits\n  * trace: add Linux ftrace mode for va trace\n  * trace: Add missing pthread_mutex_destroy\n  * drm: remove no-longer needed X == X mappings\n  * drm: fallback to drm driver name == va driver name\n  * drm: simplify the mapping table\n  * x11: simplify the mapping table\n\nUpdate to version 2.15.0 was part of Intel oneVPL GPU Runtime 2022Q2\nRelease 22.4.4\n\nUpdate to 2.15.0:\n\n  * Add: new display HW attribute to report PCI ID\n  * Add: sample depth related parameters for AV1e\n  * Add: refresh_frame_flags for AV1e\n  * Add: missing fields in va_TraceVAEncSequenceParameterBufferHEVC.\n  * Add: nvidia-drm to the drm driver map\n  * Add: type and buffer for delta qp per block\n  * Deprecation: remove the va_fool support\n  * Fix:Correct the version of meson build on master branch\n  * Fix:X11 DRI2: check if device is a render node\n  * Build:Use also strong stack protection if supported\n  * Trace:print the string for profile/entrypoint/configattrib\n\nUpdate to 2.14.0:\n\n  * add: Add av1 encode interfaces\n  * add: VA/X11 VAAPI driver mapping for crocus DRI driver\n  * doc: Add description of the fd management for surface importing\n  * ci: fix freebsd build\n  * meson: Copy public headers to build directory to support subproject\n  \nUpdate to 2.13.0:\n\n  * add new surface format fourcc XYUV\n  * Fix av1 dec doc page link issue\n  * unify the code styles using the style_unify script\n  * Check the function pointer before using (fixes github issue#536)\n  * update NEWS for 2.13.0\n\nupdate to 2.12.0:\n\n  * add: Report the capability of vaCopy support\n  * add: Report the capability of sub device\n  * add: Add config attributes to advertise HEVC/H.265 encoder features\n  * add: Video processing HVS Denoise: Added 4 modes\n  * add: Introduce VASurfaceAttribDRMFormatModifiers\n  * add: Add 3DLUT Filter in Video Processing.\n  * doc: Update log2_tile_column description for vp9enc\n  * trace: Correct av1 film grain trace information\n  * ci: Fix freebsd build by switching to vmactions/freebsd-vm@v0.1.3\n\nupdate to 2.11.0:\n\n  * add: LibVA Protected Content API\n  * add: Add a configuration attribute to advertise AV1d LST feature\n  * fix: wayland: don't try to authenticate with render nodes\n  * autotools: use shell grouping instead of sed to prepend a line\n  * trace: Add details data dump for mpeg2 IQ matrix.\n  * doc: update docs for VASurfaceAttribPixelFormat\n  * doc: Libva documentation edit for AV1 reference frames\n  * doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment\n  * doc: Remove tile_rows and tile_cols restriction to match AV1 spec\n  * doc: Format code for doxygen output\n  * doc: AV1 decode documentation edit for superres_scale_denominator\n  * ci: upgrade FreeBSD to 12.2\n  * ci: disable travis build\n  * ci: update cache before attempting to install packages\n  * ci: avoid running workloads on other workloads changes\n  * ci: enable github actions \n\nupdate to 2.10.0:\n\n  * add: Pass offset and size of pred_weight_table\n  * add: add vaCopy interface to copy surface and buffer\n  * add: add definition for different execution\n  * add: New parameters for transport controlled BRC were added\n  * add: add FreeBSD support\n  * add: add a bufer type to adjust context priority dynamically\n  * fix: correct the api version in meson.build\n  * fix: remove deprecated variable from va_trace.c\n  * fix: Use va_deprecated for the deprecate variable\n  * fix: Mark chroma_sample_position as deprecated\n  * doc: va_dec_av1: clarifies CDEF syntax element packing\n  * doc: [AV1] Update documented ranges for loop filter and quantization params.\n  * doc: Update va.h for multi-threaded usages\n  * trace: va/va_trace: ignore system gettid() on Linux\n    \nUpdate to 2.9.1:\n\n  * fix version mismatch between meson and autotools \n\nUpdate to 2.9.0:\n\n  * trace: Refine the va_TraceVAPictureParameterBufferAV1.\n  * doc: Add comments for backward/forward reference to avoid confusion\n  * doc: Modify comments in av1 decoder interfaces\n  * doc: Update mailing list\n  * Add SCC fields trace for HEVC SCC encoding.\n  * Add FOURCC code for Y212 and Y412 format.\n  * Add interpolation method for scaling.\n  * add attributes for context priority setting\n  * Add vaSyncBuffer for output buffers synchronization\n  * Add vaSyncSurface2 with timeout\n \nUpdate to 2.8.0:\n\n  * trace: enable return value trace for successful function call\n  * trace: divide va_TraceEndPicture to two seperate function\n  * trace: add support for VAProfileHEVCSccMain444_10\n  * fix:Fixes file descriptor leak\n  * add fourcc code for P012 format\n  * travis: Add a test that code files don't have the exec bit set\n  * Remove the execute bit from all source code files\n  * meson: Allow for libdir and includedir to be absolute paths\n  * trace: Fix format string warnings\n  * fix:Fix clang warning (reading garbage)\n  * add definition to enforce both reflist not empty\n  * trace: List correct field names in va_TraceVAPictureParameterBufferHEVC\n  * change the return value to be UNIMPLEMENTED when the function pointer is NULL\n  * remove check of vaPutSurface implementation\n  * Add new slice structure flag for CAPS reporting\n  * VA/X11: VAAPI driver mapping for iris DRI driver\n  * VA/X11: enable driver candidate selection for DRI2\n  * Add SCC flags to enable/disable features\n  * fix: Fix HDR10 MaxCLL and MaxFALL documentation\n  * Add VAProfileHEVCSccMain444_10 for HEVC\n  * change the compatible list to be dynamic one\n  * trace:Convert VAProfileAV1Profile0 VAProfileAV1Profile1 to string\n\nUpdate to version 2.7.0:\n\n  * trace: av1 decode buffers trace\n  * trace: Add HEVC REXT and SCC trace for decoding.\n  * Add av1 decode interfaces\n  * Fix crashes on system without supported hardware by PR #369.\n  * Add 2 FourCC for 10bit RGB(without Alpha) format: X2R10G10B10\n    and X2B10G10R10.\n  * Fix android build issue #365 and remove some trailing\n    whitespace\n  * Adjust call sequence to ensure authenticate operation is\n    executed to fix #355\n\nUpdate to version 2.6.1:\n\n  * adjust call sequence to ensure authenticate operation is\n    executed this patch is not needed for media-driver, but\n    needed for i965 driver which check authentication. \n\nUpdate to version 2.6.0:\n\n  * enable the mutiple driver selection logic and enable it for DRM.\n  * drm: Add iHD to driver_name_map\n  * Add missed slice parameter 'slice_data_num_emu_prevn_bytes'\n  * ensure that all meson files are part of the release tarball\n  * configure: use correct comparison operator\n  * trace: support VAConfigAttribMultipleFrame in trace\n  * remove incorrect field of VAConfigAttribValDecJPEG\n  * va/va_trace: Dump VP9 parameters for profile 1~3\n  * add multiple frame capability report\n  * add variable to indicate layer infromation\n  * trace: fix memory leak on closing the trace\n  * add prediction direction caps report\n  * Add comments for colour primaries and transfer characteristics in VAProcColorProperties\n\nThis release is needed for latest intel-media-driver update (jsc#SLE-8838)\n\nUpdate to version 2.5.0:\n\n  * Correct the comment of color_range.\n  * Add VA_FOURCC_A2B10G10R10 for format a2b10g10r10.\n  * Adjust VAEncMiscParameterQuantization structure to be align with VAEncMiscParameterBuffer(possible to impact BC)\n  * Add attribute for max frame size\n  * Add va_footer.html into distribution build\n  * va_trace: hevc profiles added\n  * Add new definition for input/output surface flag\n  * va/va_trace: add trace support for VAEncMiscParameterTypeSkipFrame structure.\n  * va/va_trace: add MPEG2 trace support for MiscParam and SequenceParam\n  * va_openDriver: check strdup return value\n  * Mark some duplicated field as deprecated\n  * Add return value into logs\n  * va/va_trace: add trace support for VAEncMiscParameterEncQuality structure.\n  * Add newformat foucc defination\n  * va_backend: remove unneeded linux/videodev2.h include\n  * va_trace: add missing <sys/time.h> include\n  * configure: don't build glx if VA/X11 isn't built\n  * va/va_trace: unbreak with C89 after b369467\n  * [common] Add A2RGB10 fourcc definition\n  * build: meson: enables va messaging and visibility\n  * va/va_trace: add trace support for RIR(rolling intra refresh).\n  * va/va_trace: add trace support for ROI(region of interest)\n\nUpdate to version 2.4.1:\n\n  * [common] Add A2RGB10 fourcc definition.\n  * build: meson: enables va messaging and visibility.\n  * va/va_trace:\n    - Add trace support for RIR(rolling intra refresh).\n    - Add trace support for ROI(region of interest).\n\nUpdate to version 2.4.0:\n\n  * va_TraceSurface support for VA_FOURCC_P010\n  * Add pointer to struct wl_interface for driver to use\n  * (integrate) va: fix new line symbol in error message\n  * av: avoid driver path truncation\n  * Fix compilation warning (uninit and wrong variable types) for\n    Android O MR1\n  * Allow import of the DRM PRIME 2 memory type\n  * android: ignore unimportant compile warnnings\n  * compile: fix sign/unsign compare in va_trace.c\n  * android: replace utils/Log.h with log/log.h\n  * High Dynamic Range Tone Mapping: Add a new filter for input\n    metadata and some comments\n  * Remove restrictions on vaSetDriverName()\n\n  ","title":"Description of the patch"},{"category":"details","text":"SUSE-2025-1477,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1477,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1477","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1477-1.json"},{"category":"self","summary":"URL for SUSE-SU-2025:1477-1","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20251477-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2025:1477-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2025-May/020798.html"},{"category":"self","summary":"SUSE Bug 1202828","url":"https://bugzilla.suse.com/1202828"},{"category":"self","summary":"SUSE Bug 1217770","url":"https://bugzilla.suse.com/1217770"},{"category":"self","summary":"SUSE Bug 1224413","url":"https://bugzilla.suse.com/1224413"},{"category":"self","summary":"SUSE CVE CVE-2023-39929 page","url":"https://www.suse.com/security/cve/CVE-2023-39929/"}],"title":"Security update for libva","tracking":{"current_release_date":"2025-05-06T09:17:15Z","generator":{"date":"2025-05-06T09:17:15Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2025:1477-1","initial_release_date":"2025-05-06T09:17:15Z","revision_history":[{"date":"2025-05-06T09:17:15Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"libva-devel-2.20.0-3.3.4.aarch64","product":{"name":"libva-devel-2.20.0-3.3.4.aarch64","product_id":"libva-devel-2.20.0-3.3.4.aarch64"}},{"category":"product_version","name":"libva-drm2-2.20.0-3.3.4.aarch64","product":{"name":"libva-drm2-2.20.0-3.3.4.aarch64","product_id":"libva-drm2-2.20.0-3.3.4.aarch64"}},{"category":"product_version","name":"libva-gl-devel-2.20.0-3.3.5.aarch64","product":{"name":"libva-gl-devel-2.20.0-3.3.5.aarch64","product_id":"libva-gl-devel-2.20.0-3.3.5.aarch64"}},{"category":"product_version","name":"libva-glx2-2.20.0-3.3.5.aarch64","product":{"name":"libva-glx2-2.20.0-3.3.5.aarch64","product_id":"libva-glx2-2.20.0-3.3.5.aarch64"}},{"category":"product_version","name":"libva-wayland2-2.20.0-3.3.5.aarch64","product":{"name":"libva-wayland2-2.20.0-3.3.5.aarch64","product_id":"libva-wayland2-2.20.0-3.3.5.aarch64"}},{"category":"product_version","name":"libva-x11-2-2.20.0-3.3.4.aarch64","product":{"name":"libva-x11-2-2.20.0-3.3.4.aarch64","product_id":"libva-x11-2-2.20.0-3.3.4.aarch64"}},{"category":"product_version","name":"libva2-2.20.0-3.3.4.aarch64","product":{"name":"libva2-2.20.0-3.3.4.aarch64","product_id":"libva2-2.20.0-3.3.4.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"libva-devel-64bit-2.20.0-3.3.4.aarch64_ilp32","product":{"name":"libva-devel-64bit-2.20.0-3.3.4.aarch64_ilp32","product_id":"libva-devel-64bit-2.20.0-3.3.4.aarch64_ilp32"}},{"category":"product_version","name":"libva-drm2-64bit-2.20.0-3.3.4.aarch64_ilp32","product":{"name":"libva-drm2-64bit-2.20.0-3.3.4.aarch64_ilp32","product_id":"libva-drm2-64bit-2.20.0-3.3.4.aarch64_ilp32"}},{"category":"product_version","name":"libva-gl-devel-64bit-2.20.0-3.3.5.aarch64_ilp32","product":{"name":"libva-gl-devel-64bit-2.20.0-3.3.5.aarch64_ilp32","product_id":"libva-gl-devel-64bit-2.20.0-3.3.5.aarch64_ilp32"}},{"category":"product_version","name":"libva-glx2-64bit-2.20.0-3.3.5.aarch64_ilp32","product":{"name":"libva-glx2-64bit-2.20.0-3.3.5.aarch64_ilp32","product_id":"libva-glx2-64bit-2.20.0-3.3.5.aarch64_ilp32"}},{"category":"product_version","name":"libva-wayland2-64bit-2.20.0-3.3.5.aarch64_ilp32","product":{"name":"libva-wayland2-64bit-2.20.0-3.3.5.aarch64_ilp32","product_id":"libva-wayland2-64bit-2.20.0-3.3.5.aarch64_ilp32"}},{"category":"product_version","name":"libva-x11-2-64bit-2.20.0-3.3.4.aarch64_ilp32","product":{"name":"libva-x11-2-64bit-2.20.0-3.3.4.aarch64_ilp32","product_id":"libva-x11-2-64bit-2.20.0-3.3.4.aarch64_ilp32"}},{"category":"product_version","name":"libva2-64bit-2.20.0-3.3.4.aarch64_ilp32","product":{"name":"libva2-64bit-2.20.0-3.3.4.aarch64_ilp32","product_id":"libva2-64bit-2.20.0-3.3.4.aarch64_ilp32"}}],"category":"architecture","name":"aarch64_ilp32"},{"branches":[{"category":"product_version","name":"libva-devel-2.20.0-3.3.4.i586","product":{"name":"libva-devel-2.20.0-3.3.4.i586","product_id":"libva-devel-2.20.0-3.3.4.i586"}},{"category":"product_version","name":"libva-drm2-2.20.0-3.3.4.i586","product":{"name":"libva-drm2-2.20.0-3.3.4.i586","product_id":"libva-drm2-2.20.0-3.3.4.i586"}},{"category":"product_version","name":"libva-gl-devel-2.20.0-3.3.5.i586","product":{"name":"libva-gl-devel-2.20.0-3.3.5.i586","product_id":"libva-gl-devel-2.20.0-3.3.5.i586"}},{"category":"product_version","name":"libva-glx2-2.20.0-3.3.5.i586","product":{"name":"libva-glx2-2.20.0-3.3.5.i586","product_id":"libva-glx2-2.20.0-3.3.5.i586"}},{"category":"product_version","name":"libva-wayland2-2.20.0-3.3.5.i586","product":{"name":"libva-wayland2-2.20.0-3.3.5.i586","product_id":"libva-wayland2-2.20.0-3.3.5.i586"}},{"category":"product_version","name":"libva-x11-2-2.20.0-3.3.4.i586","product":{"name":"libva-x11-2-2.20.0-3.3.4.i586","product_id":"libva-x11-2-2.20.0-3.3.4.i586"}},{"category":"product_version","name":"libva2-2.20.0-3.3.4.i586","product":{"name":"libva2-2.20.0-3.3.4.i586","product_id":"libva2-2.20.0-3.3.4.i586"}}],"category":"architecture","name":"i586"},{"branches":[{"category":"product_version","name":"libva-devel-2.20.0-3.3.4.ppc64le","product":{"name":"libva-devel-2.20.0-3.3.4.ppc64le","product_id":"libva-devel-2.20.0-3.3.4.ppc64le"}},{"category":"product_version","name":"libva-drm2-2.20.0-3.3.4.ppc64le","product":{"name":"libva-drm2-2.20.0-3.3.4.ppc64le","product_id":"libva-drm2-2.20.0-3.3.4.ppc64le"}},{"category":"product_version","name":"libva-gl-devel-2.20.0-3.3.5.ppc64le","product":{"name":"libva-gl-devel-2.20.0-3.3.5.ppc64le","product_id":"libva-gl-devel-2.20.0-3.3.5.ppc64le"}},{"category":"product_version","name":"libva-glx2-2.20.0-3.3.5.ppc64le","product":{"name":"libva-glx2-2.20.0-3.3.5.ppc64le","product_id":"libva-glx2-2.20.0-3.3.5.ppc64le"}},{"category":"product_version","name":"libva-wayland2-2.20.0-3.3.5.ppc64le","product":{"name":"libva-wayland2-2.20.0-3.3.5.ppc64le","product_id":"libva-wayland2-2.20.0-3.3.5.ppc64le"}},{"category":"product_version","name":"libva-x11-2-2.20.0-3.3.4.ppc64le","product":{"name":"libva-x11-2-2.20.0-3.3.4.ppc64le","product_id":"libva-x11-2-2.20.0-3.3.4.ppc64le"}},{"category":"product_version","name":"libva2-2.20.0-3.3.4.ppc64le","product":{"name":"libva2-2.20.0-3.3.4.ppc64le","product_id":"libva2-2.20.0-3.3.4.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"libva-devel-2.20.0-3.3.4.s390","product":{"name":"libva-devel-2.20.0-3.3.4.s390","product_id":"libva-devel-2.20.0-3.3.4.s390"}},{"category":"product_version","name":"libva-drm2-2.20.0-3.3.4.s390","product":{"name":"libva-drm2-2.20.0-3.3.4.s390","product_id":"libva-drm2-2.20.0-3.3.4.s390"}},{"category":"product_version","name":"libva-gl-devel-2.20.0-3.3.5.s390","product":{"name":"libva-gl-devel-2.20.0-3.3.5.s390","product_id":"libva-gl-devel-2.20.0-3.3.5.s390"}},{"category":"product_version","name":"libva-glx2-2.20.0-3.3.5.s390","product":{"name":"libva-glx2-2.20.0-3.3.5.s390","product_id":"libva-glx2-2.20.0-3.3.5.s390"}},{"category":"product_version","name":"libva-wayland2-2.20.0-3.3.5.s390","product":{"name":"libva-wayland2-2.20.0-3.3.5.s390","product_id":"libva-wayland2-2.20.0-3.3.5.s390"}},{"category":"product_version","name":"libva-x11-2-2.20.0-3.3.4.s390","product":{"name":"libva-x11-2-2.20.0-3.3.4.s390","product_id":"libva-x11-2-2.20.0-3.3.4.s390"}},{"category":"product_version","name":"libva2-2.20.0-3.3.4.s390","product":{"name":"libva2-2.20.0-3.3.4.s390","product_id":"libva2-2.20.0-3.3.4.s390"}}],"category":"architecture","name":"s390"},{"branches":[{"category":"product_version","name":"libva-devel-2.20.0-3.3.4.s390x","product":{"name":"libva-devel-2.20.0-3.3.4.s390x","product_id":"libva-devel-2.20.0-3.3.4.s390x"}},{"category":"product_version","name":"libva-devel-32bit-2.20.0-3.3.4.s390x","product":{"name":"libva-devel-32bit-2.20.0-3.3.4.s390x","product_id":"libva-devel-32bit-2.20.0-3.3.4.s390x"}},{"category":"product_version","name":"libva-drm2-2.20.0-3.3.4.s390x","product":{"name":"libva-drm2-2.20.0-3.3.4.s390x","product_id":"libva-drm2-2.20.0-3.3.4.s390x"}},{"category":"product_version","name":"libva-drm2-32bit-2.20.0-3.3.4.s390x","product":{"name":"libva-drm2-32bit-2.20.0-3.3.4.s390x","product_id":"libva-drm2-32bit-2.20.0-3.3.4.s390x"}},{"category":"product_version","name":"libva-gl-devel-2.20.0-3.3.5.s390x","product":{"name":"libva-gl-devel-2.20.0-3.3.5.s390x","product_id":"libva-gl-devel-2.20.0-3.3.5.s390x"}},{"category":"product_version","name":"libva-gl-devel-32bit-2.20.0-3.3.5.s390x","product":{"name":"libva-gl-devel-32bit-2.20.0-3.3.5.s390x","product_id":"libva-gl-devel-32bit-2.20.0-3.3.5.s390x"}},{"category":"product_version","name":"libva-glx2-2.20.0-3.3.5.s390x","product":{"name":"libva-glx2-2.20.0-3.3.5.s390x","product_id":"libva-glx2-2.20.0-3.3.5.s390x"}},{"category":"product_version","name":"libva-glx2-32bit-2.20.0-3.3.5.s390x","product":{"name":"libva-glx2-32bit-2.20.0-3.3.5.s390x","product_id":"libva-glx2-32bit-2.20.0-3.3.5.s390x"}},{"category":"product_version","name":"libva-wayland2-2.20.0-3.3.5.s390x","product":{"name":"libva-wayland2-2.20.0-3.3.5.s390x","product_id":"libva-wayland2-2.20.0-3.3.5.s390x"}},{"category":"product_version","name":"libva-wayland2-32bit-2.20.0-3.3.5.s390x","product":{"name":"libva-wayland2-32bit-2.20.0-3.3.5.s390x","product_id":"libva-wayland2-32bit-2.20.0-3.3.5.s390x"}},{"category":"product_version","name":"libva-x11-2-2.20.0-3.3.4.s390x","product":{"name":"libva-x11-2-2.20.0-3.3.4.s390x","product_id":"libva-x11-2-2.20.0-3.3.4.s390x"}},{"category":"product_version","name":"libva-x11-2-32bit-2.20.0-3.3.4.s390x","product":{"name":"libva-x11-2-32bit-2.20.0-3.3.4.s390x","product_id":"libva-x11-2-32bit-2.20.0-3.3.4.s390x"}},{"category":"product_version","name":"libva2-2.20.0-3.3.4.s390x","product":{"name":"libva2-2.20.0-3.3.4.s390x","product_id":"libva2-2.20.0-3.3.4.s390x"}},{"category":"product_version","name":"libva2-32bit-2.20.0-3.3.4.s390x","product":{"name":"libva2-32bit-2.20.0-3.3.4.s390x","product_id":"libva2-32bit-2.20.0-3.3.4.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"libva-devel-2.20.0-3.3.4.x86_64","product":{"name":"libva-devel-2.20.0-3.3.4.x86_64","product_id":"libva-devel-2.20.0-3.3.4.x86_64"}},{"category":"product_version","name":"libva-devel-32bit-2.20.0-3.3.4.x86_64","product":{"name":"libva-devel-32bit-2.20.0-3.3.4.x86_64","product_id":"libva-devel-32bit-2.20.0-3.3.4.x86_64"}},{"category":"product_version","name":"libva-drm2-2.20.0-3.3.4.x86_64","product":{"name":"libva-drm2-2.20.0-3.3.4.x86_64","product_id":"libva-drm2-2.20.0-3.3.4.x86_64"}},{"category":"product_version","name":"libva-drm2-32bit-2.20.0-3.3.4.x86_64","product":{"name":"libva-drm2-32bit-2.20.0-3.3.4.x86_64","product_id":"libva-drm2-32bit-2.20.0-3.3.4.x86_64"}},{"category":"product_version","name":"libva-gl-devel-2.20.0-3.3.5.x86_64","product":{"name":"libva-gl-devel-2.20.0-3.3.5.x86_64","product_id":"libva-gl-devel-2.20.0-3.3.5.x86_64"}},{"category":"product_version","name":"libva-gl-devel-32bit-2.20.0-3.3.5.x86_64","product":{"name":"libva-gl-devel-32bit-2.20.0-3.3.5.x86_64","product_id":"libva-gl-devel-32bit-2.20.0-3.3.5.x86_64"}},{"category":"product_version","name":"libva-glx2-2.20.0-3.3.5.x86_64","product":{"name":"libva-glx2-2.20.0-3.3.5.x86_64","product_id":"libva-glx2-2.20.0-3.3.5.x86_64"}},{"category":"product_version","name":"libva-glx2-32bit-2.20.0-3.3.5.x86_64","product":{"name":"libva-glx2-32bit-2.20.0-3.3.5.x86_64","product_id":"libva-glx2-32bit-2.20.0-3.3.5.x86_64"}},{"category":"product_version","name":"libva-wayland2-2.20.0-3.3.5.x86_64","product":{"name":"libva-wayland2-2.20.0-3.3.5.x86_64","product_id":"libva-wayland2-2.20.0-3.3.5.x86_64"}},{"category":"product_version","name":"libva-wayland2-32bit-2.20.0-3.3.5.x86_64","product":{"name":"libva-wayland2-32bit-2.20.0-3.3.5.x86_64","product_id":"libva-wayland2-32bit-2.20.0-3.3.5.x86_64"}},{"category":"product_version","name":"libva-x11-2-2.20.0-3.3.4.x86_64","product":{"name":"libva-x11-2-2.20.0-3.3.4.x86_64","product_id":"libva-x11-2-2.20.0-3.3.4.x86_64"}},{"category":"product_version","name":"libva-x11-2-32bit-2.20.0-3.3.4.x86_64","product":{"name":"libva-x11-2-32bit-2.20.0-3.3.4.x86_64","product_id":"libva-x11-2-32bit-2.20.0-3.3.4.x86_64"}},{"category":"product_version","name":"libva2-2.20.0-3.3.4.x86_64","product":{"name":"libva2-2.20.0-3.3.4.x86_64","product_id":"libva2-2.20.0-3.3.4.x86_64"}},{"category":"product_version","name":"libva2-32bit-2.20.0-3.3.4.x86_64","product":{"name":"libva2-32bit-2.20.0-3.3.4.x86_64","product_id":"libva2-32bit-2.20.0-3.3.4.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5","product":{"name":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5","product_id":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss-extended-security:12:sp5"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libva-devel-2.20.0-3.3.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64"},"product_reference":"libva-devel-2.20.0-3.3.4.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-devel-2.20.0-3.3.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le"},"product_reference":"libva-devel-2.20.0-3.3.4.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-devel-2.20.0-3.3.4.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x"},"product_reference":"libva-devel-2.20.0-3.3.4.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-devel-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64"},"product_reference":"libva-devel-2.20.0-3.3.4.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-drm2-2.20.0-3.3.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64"},"product_reference":"libva-drm2-2.20.0-3.3.4.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-drm2-2.20.0-3.3.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le"},"product_reference":"libva-drm2-2.20.0-3.3.4.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-drm2-2.20.0-3.3.4.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x"},"product_reference":"libva-drm2-2.20.0-3.3.4.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-drm2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64"},"product_reference":"libva-drm2-2.20.0-3.3.4.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-x11-2-2.20.0-3.3.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64"},"product_reference":"libva-x11-2-2.20.0-3.3.4.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-x11-2-2.20.0-3.3.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le"},"product_reference":"libva-x11-2-2.20.0-3.3.4.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-x11-2-2.20.0-3.3.4.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x"},"product_reference":"libva-x11-2-2.20.0-3.3.4.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-x11-2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64"},"product_reference":"libva-x11-2-2.20.0-3.3.4.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva2-2.20.0-3.3.4.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64"},"product_reference":"libva2-2.20.0-3.3.4.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva2-2.20.0-3.3.4.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le"},"product_reference":"libva2-2.20.0-3.3.4.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva2-2.20.0-3.3.4.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x"},"product_reference":"libva2-2.20.0-3.3.4.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64"},"product_reference":"libva2-2.20.0-3.3.4.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libva-devel-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5","product_id":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64"},"product_reference":"libva-devel-2.20.0-3.3.4.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"libva-drm2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5","product_id":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64"},"product_reference":"libva-drm2-2.20.0-3.3.4.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"libva-x11-2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5","product_id":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64"},"product_reference":"libva-x11-2-2.20.0-3.3.4.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"libva2-2.20.0-3.3.4.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5","product_id":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64"},"product_reference":"libva2-2.20.0-3.3.4.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"}]},"vulnerabilities":[{"cve":"CVE-2023-39929","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2023-39929"}],"notes":[{"category":"general","text":"Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64"]},"references":[{"category":"external","summary":"CVE-2023-39929","url":"https://www.suse.com/security/cve/CVE-2023-39929"},{"category":"external","summary":"SUSE Bug 1224413 for CVE-2023-39929","url":"https://bugzilla.suse.com/1224413"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-devel-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-drm2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva-x11-2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.aarch64","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.ppc64le","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.s390x","SUSE Linux Enterprise Server 12 SP5-LTSS:libva2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-devel-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-drm2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva-x11-2-2.20.0-3.3.4.x86_64","SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libva2-2.20.0-3.3.4.x86_64"]}],"threats":[{"category":"impact","date":"2025-05-06T09:17:15Z","details":"moderate"}],"title":"CVE-2023-39929"}]}