cbcvebase.
CVE-2023-4969
published 2024-01-16

CVE-2023-4969: A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on…

PriorityP429medium6.5CVSS 3.1
AVLACLPRLUINSCCHINAN
EPSS
1.18%
63.6th percentile
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.

Affected

7 ranges
VendorProductVersion rangeFixed in
debianfirmware-nonfree< firmware-nonfree 20240610-1 (forky)firmware-nonfree 20240610-1 (forky)
googlechrome_chrome
imaginationtechddk<= 23.2
khronosopencl<= 3.0.11
khronosvulkan<= 1.3.224
khronos_groupopencl3.0.11 – 3.0.11
khronos_groupvulkan1.3.224 – 1.3.224

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.