This article was published on May 21, 2024.
Preface: When I see the vulnerability it shows the date far away from now. Sometimes I lose interest. Maybe I’m missing a major technical detail. AMD officially released CVE-2023-4869 on March 7, 2024.
It happened to wake me up! Although today is May 21, 2024, it seems that my study is not late!
Background: Is MI300X better than H100? While both GPUs are capable, the MI300X has the edge in memory-intensive tasks like rendering large scenes and simulations. In comparison, the H100 excels in its AI-enhanced workflow and ray-traced rendering performance. AMD Instinct™ MI300X accelerators are designed to deliver leadership performance for Generative AI workloads and HPC applications.
Vulnerability details: Insufficient clearing of GPU memory could allow a compromised GPU kernel to read local memory values from another kernel across user or application boundaries leading to loss of confidentiality.
Official announcement: Please refer to the link for details –
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6010.html