Is AMD Instinct™ MI300X affected by CVE-2023-4968 (GPU memory leak). AMD has the answer. Official announcement on May 7, 2024.

This article was published on May 21, 2024.

Preface: When I see the vulnerability it shows the date far away from now. Sometimes I lose interest. Maybe I’m missing a major technical detail. AMD officially released CVE-2023-4869 on March 7, 2024.

It happened to wake me up! Although today is May 21, 2024, it seems that my study is not late!

Background: Is MI300X better than H100? While both GPUs are capable, the MI300X has the edge in memory-intensive tasks like rendering large scenes and simulations. In comparison, the H100 excels in its AI-enhanced workflow and ray-traced rendering performance. AMD InstinctMI300X accelerators are designed to deliver leadership performance for Generative AI workloads and HPC applications.

Vulnerability details: Insufficient clearing of GPU memory could allow a compromised GPU kernel to read local memory values from another kernel across user or application boundaries leading to loss of confidentiality.

Official announcement: Please refer to the link for details –

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6010.html

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.