CVE-2023-4969

Published: Jan 16, 2024

Modified: Jun 20, 2025

PUBLISHED

Description

A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.

Vendor	Product	Versions
Khronos Group	OpenCL	affected `3.0.11 - <= 3.0.11`
Khronos Group	Vulkan	affected `1.3.224 - <= 1.3.224`

References

https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions

https://registry.khronos.org/vulkan/specs/1.3-extensions/html/index.html

https://kb.cert.org/vuls/id/446598

https://blog.trailofbits.com

https://www.kb.cert.org/vuls/id/446598

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-4969

Description

Affected Products

References