Incomplete Cleanup

CVE-2024-36353

Medium

6.5/10

Summary

Insufficient clearing of GPU global memory could allow a malicious process running on the same GPU to read left over memory values potentially leading to loss of confidentiality.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: CHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-459 - Incomplete Cleanup

The software does not properly "clean up" and remove temporary or supporting resources after they have been used.

References

Advisory Timeline

Published Mar 02, 2025

Incomplete Cleanup

CVE-2024-36353

Summary

CWE-459 - Incomplete Cleanup

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS