
Test ID: 1.3.6.1.4.1.25623.1.1.4.2025.1477.1
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory (SUSE-SU-2025:1477-1)
Summary: The remote host is missing an update for the 'libva' package(s) announced via the SUSE-SU-2025:1477-1 advisory.
Description:

Vulnerability Insight:
This update for libva fixes the following issues:

Update to libva version 2.20.0, which includes a security fix for:

* uncontrolled search path may allow an authenticated user to
escalate privilege via local access (CVE-2023-39929,
bsc#1224413, jsc#PED-11066)

This includes the latest version of one of the components needed for Video
(processing) hardware support on Intel GPUs (bsc#1217770)

Update to version 2.20.0:

* av1: Revise offsets comments for av1 encode
* drm:
- Limit the array size to avoid out of range
- Remove no longer used helpers
* jpeg: add support for crop and partial decode
* trace:
- Add trace for vaExportSurfaceHandle
- Unlock mutex before return
- Fix minor issue about printf data type and value range
* va/backend:
- Annotate vafool as deprecated
- Document the vaGetDriver* APIs
* va/x11/va_fglrx: Remove some dead code
* va/x11/va_nvctrl: Remove some dead code
* va:
- Add new VADecodeErrorType to indicate the reset happened in
the driver
- Add vendor string on va_TraceInitialize
- Added Q416 fourcc (three-plane 16-bit YUV 4:4:4)
- Drop no longer applicable vaGetDriverNames check
- Fix: don't leak driver names, when override is set
- Fix: set driver number to be zero if vaGetDriverNames failed
- Optimize code of getting driver name for all protocols/os
(wayland,x11,drm,win32,android)
- Remove legacy code paths
- Remove unreachable 'DRIVER BUG'
* win32:
- Only print win32 driver messages in DEBUG builds
- Remove duplicate adapter_luid entry
* x11/dri2: limit the array handling to avoid out of range access
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var
- Implement vaGetDriverNames
- Remove legacy code paths

Update to 2.19.0:

* add: Add mono_chrome to VAEncSequenceParameterBufferAV1
* add: Enable support for license acquisition of multiple protected
playbacks
* fix: use secure_getenv instead of getenv
* trace: Improve and add VA trace log for AV1 encode
* trace: Unify va log message, replace va_TracePrint with va_TraceMsg.

Update to version 2.18.0:

* doc: Add build and install libva information in home page.
* fix:
- Add libva.def into distribution package
- NULL check before calling strncmp.
- Remove reference to non-existent symbol
* meson: docs:
- Add encoder interface for av1
- Use libva_version over project_version()
* va:
- Add VAProfileH264High10
- Always build with va-messaging API
- Fix the coding style of CHECK_DISPLAY
- Remove Android pre Jelly Bean workarounds
- Remove dummy isValid() hook
- Remove unused drm_sarea.h include & ANDROID references in
va_dricommon.h
- va/sysdeps.h: remove Android section
* x11:
- Allow disabling DRI3 via LIBVA_DRI3_DISABLE env var
- Use LIBVA_DRI3_DISABLE in GetNumCandidates

Update to 2.17.0:

* win: Simplify signature for driver name loading
* win: Rewrite driver registry query and fix some
bugs/leaks/inefficiencies
* win: Add ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'libva' package(s) on SUSE Linux Enterprise Server 12-SP5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2023-39929
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01012.html
Copyright: Copyright (C) 2025 Greenbone AG
