Vulnerability-Lookup

BDU:2024-00388

Vulnerability from fstec - Published: 16.01.2024

Title

Уязвимость микропрограммного обеспечения процессоров AMD, Qualcomm и Imagination, позволяющая нарушителю извлечь данные из локальной памяти GPU

Description

Уязвимость микропрограммного обеспечения процессоров AMD, Qualcomm и Imagination связана с недостаточной изоляцией локальной памяти GPU и отсутствием очистки локальной памяти после выполнения процессов на GPU. Эксплуатация уязвимости может позволить нарушителю извлечь данные из локальной памяти GPU

Severity ?


                    
                      AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Vendor

Advanced Micro Devices Inc., Qualcomm Technologies Inc., Imagination Technologies

Software Name

AMD Ryzen 4000 Series Desktop processors with Radeon graphics, AMD Ryzen 5000 Series Desktop processor with Radeon graphics, AMD Ryzen 4000 Series Mobile processors with Radeon graphics, AMD Ryzen 5000 Series Mobile processor with Radeon graphics, AMD Athlon 3000 Series Mobile processor with Radeon graphics, AMD Ryzen 7000 Series Desktop Processors, AMD Ryzen 6000 Series Processors with Radeon Graphics, AMD Ryzen 7035 Series Processors with Radeon Graphics, AMD Ryzen 5000 Series Processors with Radeon Graphics, AMD Ryzen 3000 Series Processors with Radeon Graphics, AMD Athlon 3000 Series Desktop Processors with Radeon Graphics, AMD Ryzen 7020 Series Processors with Radeon Graphics, AMD Ryzen 7040 Series Processors with Radeon Graphics, AMD Ryzen 7045 Series Mobile Processors, AMD Radeon RX 5000 Series Graphics Cards, AMD Radeon RX 6000 Series Graphics Cards, AMD Radeon RX 7000 Series Graphics Cards, AMD Radeon PRO W5000 Series Graphics Cards, AMD Radeon PRO W6000 Series Graphics Cards, AMD Radeon PRO W7000 Series Graphics Cards, AMD Radeon PRO V520, AMD Radeon PRO V620, AMD Radeon Instinct MI25, AMD Radeon Instinct MI50, AMD Instinct MI100, AMD Instinct MI210, AMD Instinct MI250, AMD Instinct MI300A, AMD Instinct MI300X, Adreno a630, DDK

Software Version

- (AMD Ryzen 4000 Series Desktop processors with Radeon graphics), - (AMD Ryzen 5000 Series Desktop processor with Radeon graphics), - (AMD Ryzen 4000 Series Mobile processors with Radeon graphics), - (AMD Ryzen 5000 Series Mobile processor with Radeon graphics), - (AMD Athlon 3000 Series Mobile processor with Radeon graphics), - (AMD Ryzen 7000 Series Desktop Processors), - (AMD Ryzen 6000 Series Processors with Radeon Graphics), - (AMD Ryzen 7035 Series Processors with Radeon Graphics), - (AMD Ryzen 5000 Series Processors with Radeon Graphics), - (AMD Ryzen 3000 Series Processors with Radeon Graphics), - (AMD Athlon 3000 Series Desktop Processors with Radeon Graphics), - (AMD Ryzen 7020 Series Processors with Radeon Graphics), - (AMD Ryzen 7040 Series Processors with Radeon Graphics), - (AMD Ryzen 7045 Series Mobile Processors), - (AMD Radeon RX 5000 Series Graphics Cards), - (AMD Radeon RX 6000 Series Graphics Cards), - (AMD Radeon RX 7000 Series Graphics Cards), - (AMD Radeon PRO W5000 Series Graphics Cards), - (AMD Radeon PRO W6000 Series Graphics Cards), - (AMD Radeon PRO W7000 Series Graphics Cards), - (AMD Radeon PRO V520), - (AMD Radeon PRO V620), - (AMD Radeon Instinct MI25), - (AMD Radeon Instinct MI50), - (AMD Instinct MI100), - (AMD Instinct MI210), - (AMD Instinct MI250), - (AMD Instinct MI300A), - (AMD Instinct MI300X), до 2.07 (Adreno a630), до 23.3 (DDK)

Possible Mitigations

Использование рекомендаций: Для программных продуктов Advanced Micro Devices Inc.: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6010.html Для программных продуктов Qualcomm Technologies Inc.: https://lore.kernel.org/linux-firmware/20240111114032.126035-1-quic_akhilpo@quicinc.com/T/#u Для программных продуктов Imagination Technologies: https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Reference

https://vuldb.com/ru/?id.250875 https://www.opennet.ru/opennews/art.shtml?num=60451 https://xakep.ru/2024/01/18/leftoverlocals/ https://github.com/trailofbits/LeftoverLocalsRelease https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions https://www.vulkan.org https://developer.mozilla.org/en-US/docs/Web/API/WebGPU_API https://researchcomputing.princeton.edu/support/knowledge-base/gpu-computing https://developer.apple.com/documentation/metal/performing_calculations_on_a_gpu https://devblogs.microsoft.com/directx/announcing-the-opencl-and-opengl-compatibility-pack-for-windows-10-on-arm/ https://source.android.com/docs/core/graphics/arch-vulkan https://developer.nvidia.com/cuda-toolkit https://www.amd.com/en/technologies/vulkan https://developer.arm.com/Processors/Mali-G78 https://www.imaginationtech.com/product/ge8320/ https://github.com/Mesa3D/mesa/blob/957009978ef6d7121fc0d710d03bc20097d4d46b/src/amd/vulkan/radv_shader.c#L709 https://dl.acm.org/doi/10.1145/2801153 https://arxiv.org/pdf/1605.06610.pdf https://lore.kernel.org/linux-firmware/20240111114032.126035-1-quic_akhilpo@quicinc.com/T/#u https://www.imaginationtech.com/gpu-driver-vulnerabilities/

CWE

CWE-120

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
  "CVSS 3.0": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Advanced Micro Devices Inc., Qualcomm Technologies Inc., Imagination Technologies",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (AMD Ryzen 4000 Series Desktop processors with Radeon graphics), - (AMD Ryzen 5000 Series Desktop processor with Radeon graphics), - (AMD Ryzen 4000 Series Mobile processors with Radeon graphics), - (AMD Ryzen 5000 Series Mobile processor with Radeon graphics), - (AMD Athlon 3000 Series Mobile processor with Radeon graphics), - (AMD Ryzen 7000 Series Desktop Processors), - (AMD Ryzen 6000 Series Processors with Radeon Graphics), - (AMD Ryzen 7035 Series Processors with Radeon Graphics), - (AMD Ryzen 5000 Series Processors with Radeon Graphics), - (AMD Ryzen 3000 Series Processors with Radeon Graphics), - (AMD Athlon 3000 Series Desktop Processors with Radeon Graphics), - (AMD Ryzen 7020 Series Processors with Radeon Graphics), - (AMD Ryzen 7040 Series Processors with Radeon Graphics), - (AMD Ryzen 7045 Series Mobile Processors), - (AMD Radeon RX 5000 Series Graphics Cards), - (AMD Radeon RX 6000 Series Graphics Cards), - (AMD Radeon RX 7000 Series Graphics Cards), - (AMD Radeon PRO W5000 Series Graphics Cards), - (AMD Radeon PRO W6000 Series Graphics Cards), - (AMD Radeon PRO W7000 Series Graphics Cards), - (AMD Radeon PRO V520), - (AMD Radeon PRO V620), - (AMD Radeon Instinct MI25), - (AMD Radeon Instinct MI50), - (AMD Instinct MI100), - (AMD Instinct MI210), - (AMD Instinct MI250), - (AMD Instinct MI300A), - (AMD Instinct MI300X), \u0434\u043e 2.07 (Adreno a630), \u0434\u043e 23.3 (DDK)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Advanced Micro Devices Inc.:\nhttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-6010.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Qualcomm Technologies Inc.:\nhttps://lore.kernel.org/linux-firmware/20240111114032.126035-1-quic_akhilpo@quicinc.com/T/#u\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Imagination Technologies:\nhttps://www.imaginationtech.com/gpu-driver-vulnerabilities/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.01.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "18.01.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "18.01.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-00388",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-4969",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "AMD Ryzen 4000 Series Desktop processors with Radeon graphics, AMD Ryzen 5000 Series Desktop processor with Radeon graphics, AMD Ryzen 4000 Series Mobile processors with Radeon graphics, AMD Ryzen 5000 Series Mobile processor with Radeon graphics, AMD Athlon 3000 Series Mobile processor with Radeon graphics, AMD Ryzen 7000 Series Desktop Processors, AMD Ryzen 6000 Series Processors with Radeon Graphics, AMD Ryzen 7035 Series Processors with Radeon Graphics, AMD Ryzen 5000 Series Processors with Radeon Graphics, AMD Ryzen 3000 Series Processors with Radeon Graphics, AMD Athlon 3000 Series Desktop Processors with Radeon Graphics, AMD Ryzen 7020 Series Processors with Radeon Graphics, AMD Ryzen 7040 Series Processors with Radeon Graphics, AMD Ryzen 7045 Series Mobile Processors, AMD Radeon RX 5000 Series Graphics Cards, AMD Radeon RX 6000 Series Graphics Cards, AMD Radeon RX 7000 Series Graphics Cards, AMD Radeon PRO W5000 Series Graphics Cards, AMD Radeon PRO W6000 Series Graphics Cards, AMD Radeon PRO W7000 Series Graphics Cards, AMD Radeon PRO V520, AMD Radeon PRO V620, AMD Radeon Instinct MI25, AMD Radeon Instinct MI50, AMD Instinct MI100, AMD Instinct MI210, AMD Instinct MI250, AMD Instinct MI300A, AMD Instinct MI300X, Adreno a630, DDK",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 AMD, Qualcomm \u0438 Imagination, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 GPU",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (\u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430) (CWE-120)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 AMD, Qualcomm \u0438 Imagination \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0435\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 GPU \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432 \u043d\u0430 GPU. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 GPU",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 LeftoverLocals",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://vuldb.com/ru/?id.250875\nhttps://www.opennet.ru/opennews/art.shtml?num=60451\nhttps://xakep.ru/2024/01/18/leftoverlocals/\nhttps://github.com/trailofbits/LeftoverLocalsRelease\nhttps://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions\nhttps://www.vulkan.org\nhttps://developer.mozilla.org/en-US/docs/Web/API/WebGPU_API\nhttps://researchcomputing.princeton.edu/support/knowledge-base/gpu-computing\nhttps://developer.apple.com/documentation/metal/performing_calculations_on_a_gpu\nhttps://devblogs.microsoft.com/directx/announcing-the-opencl-and-opengl-compatibility-pack-for-windows-10-on-arm/\nhttps://source.android.com/docs/core/graphics/arch-vulkan\nhttps://developer.nvidia.com/cuda-toolkit\nhttps://www.amd.com/en/technologies/vulkan\nhttps://developer.arm.com/Processors/Mali-G78\nhttps://www.imaginationtech.com/product/ge8320/\nhttps://github.com/Mesa3D/mesa/blob/957009978ef6d7121fc0d710d03bc20097d4d46b/src/amd/vulkan/radv_shader.c#L709\nhttps://dl.acm.org/doi/10.1145/2801153\nhttps://arxiv.org/pdf/1605.06610.pdf\nhttps://lore.kernel.org/linux-firmware/20240111114032.126035-1-quic_akhilpo@quicinc.com/T/#u\nhttps://www.imaginationtech.com/gpu-driver-vulnerabilities/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-120",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,9)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,1)"
}

CVE-2023-4969 (GCVE-0-2023-4969)

Vulnerability from cvelistv5 – Published: 2024-01-16 17:01 – Updated: 2025-06-20 17:10

Title

GPU kernel implementations susceptible to memory leak

Summary

A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

Assigner

certcc

References

URL

Tags

	https://registry.khronos.org/OpenCL/specs/3.0-uni…
	https://registry.khronos.org/vulkan/specs/1.3-ext…
	https://kb.cert.org/vuls/id/446598
	https://blog.trailofbits.com
	https://www.kb.cert.org/vuls/id/446598

Impacted products

Vendor

Product

Version

Khronos Group

OpenCL

Affected: 3.0.11 , ≤ 3.0.11 (custom)

Khronos Group

Vulkan

Affected: 1.3.224 , ≤ 1.3.224 (custom)

Credits

Trail of Bits

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:44:53.327Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://registry.khronos.org/vulkan/specs/1.3-extensions/html/index.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.cert.org/vuls/id/446598"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.trailofbits.com"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/446598"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-4969",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-18T14:52:39.700257Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-20T17:10:16.313Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenCL",
          "vendor": "Khronos Group",
          "versions": [
            {
              "lessThanOrEqual": "3.0.11",
              "status": "affected",
              "version": "3.0.11",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Vulkan",
          "vendor": "Khronos Group",
          "versions": [
            {
              "lessThanOrEqual": "1.3.224",
              "status": "affected",
              "version": "1.3.224",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Trail of Bits"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-16T17:05:06.604Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "url": "https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions"
        },
        {
          "url": "https://registry.khronos.org/vulkan/specs/1.3-extensions/html/index.html"
        },
        {
          "url": "https://kb.cert.org/vuls/id/446598"
        },
        {
          "url": "https://blog.trailofbits.com"
        },
        {
          "url": "https://www.kb.cert.org/vuls/id/446598"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "GPU kernel implementations susceptible to memory leak",
      "x_generator": {
        "engine": "VINCE 2.1.9",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-4969"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2023-4969",
    "datePublished": "2024-01-16T17:01:29.598Z",
    "dateReserved": "2023-09-14T17:07:51.604Z",
    "dateUpdated": "2025-06-20T17:10:16.313Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2024-00388

CVE-2023-4969 (GCVE-0-2023-4969)

Tags

Sightings

Nomenclature