Strix
26.1K

CVE-2023-4969

MEDIUMCVSS 6.5/10EPSS 1.18%

Last modified

CVE-2023-4969 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.. EPSS estimates a 1.18% chance of exploitation in the next 30 days.

Description

A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.

Metrics

CVSS 3.1
6.5/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

EPSS Probability
1.18%

63.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
KhronosOpencl<= 3.0.11
KhronosVulkan<= 1.3.224
ImaginationtechDdk<= 23.2
AmdInstinct Mi300x FirmwareAll versions
AmdInstinct Mi300a FirmwareAll versions
AmdInstinct Mi250 FirmwareAll versions
AmdInstinct Mi210 FirmwareAll versions
AmdInstinct Mi100 FirmwareAll versions
AmdRadeon Instinct Mi50 FirmwareAll versions
AmdRadeon Instinct Mi25 FirmwareAll versions
AmdRadeon Pro V620 FirmwareAll versions
AmdRadeon Pro V520 FirmwareAll versions
AmdRadeon Pro W7600 FirmwareAll versions
AmdRadeon Pro W7500 FirmwareAll versions
AmdRadeon Pro W6400 FirmwareAll versions
AmdRadeon Pro W6500m FirmwareAll versions
AmdRadeon Pro W6300m FirmwareAll versions
AmdRadeon Pro W5700x FirmwareAll versions
AmdRadeon Pro W5500x FirmwareAll versions
AmdRadeon Rx 7900xtx FirmwareAll versions
AmdRadeon Rx 7900xt FirmwareAll versions
AmdRadeon Rx 7800xt FirmwareAll versions
AmdRadeon Rx 7700xt FirmwareAll versions
AmdRadeon Rx 7600xt FirmwareAll versions
AmdRadeon Rx 7600 FirmwareAll versions
AmdRadeon Rx 6950xt FirmwareAll versions
AmdRadeon Rx 6900xt FirmwareAll versions
AmdRadeon Rx 6800xt FirmwareAll versions
AmdRadeon Rx 6800 FirmwareAll versions
AmdRadeon Rx 5300m FirmwareAll versions
AmdRadeon Rx 5300 FirmwareAll versions
AmdRadeon Rx 5300xt FirmwareAll versions
AmdRadeon Rx 5500m FirmwareAll versions
AmdRadeon Rx 5500 FirmwareAll versions
AmdRadeon Rx 5500xt FirmwareAll versions
AmdRadeon Rx 5600m FirmwareAll versions
AmdRadeon Rx 5600 FirmwareAll versions
AmdRadeon Rx 5600xt FirmwareAll versions
AmdRadeon Rx 5700m FirmwareAll versions
AmdRadeon Rx 5700 FirmwareAll versions
AmdRadeon Rx 5700xt FirmwareAll versions
AmdRyzen 9 7945hx3d FirmwareAll versions
AmdRyzen 9 7945hx FirmwareAll versions
AmdRyzen 9 7845hx FirmwareAll versions
AmdRyzen 7 7745hx FirmwareAll versions
AmdRyzen 5 7645hx FirmwareAll versions
AmdRyzen 9 7940h FirmwareAll versions
AmdRyzen 9 Pro 7945hs FirmwareAll versions
AmdRyzen 7 Pro 7840hs FirmwareAll versions
AmdRyzen 7 7840h FirmwareAll versions

Showing 50 of 132 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-4969?
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
How severe is CVE-2023-4969?
CVE-2023-4969 has a CVSS score of 6.5/10 (MEDIUM severity). The EPSS model estimates a 1.18% probability of exploitation in the next 30 days.
How do I fix CVE-2023-4969?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-4969?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST