Skip to main content

AMD GPU Firmware EUVDEUVD-2026-30501

| CVE-2026-0427 MEDIUM
Incomplete Cleanup (CWE-459)
2026-05-15 AMD GHSA-j384-fpqm-4mmh
4.6
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
4.6 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
May 15, 2026 - 03:33 vuln.today
CVSS changed
May 15, 2026 - 03:22 NVD
4.6 (MEDIUM)
CVE Published
May 15, 2026 - 02:51 nvd
MEDIUM 4.6

DescriptionCVE.org

Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine (VM) to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability.

AnalysisAI

Improper cleanup of shared GPU firmware registers in AMD Instinct and Radeon Pro accelerators allows admin-privileged attackers within guest virtual machines to access registers allocated to other guest VMs, potentially compromising confidentiality, integrity, or availability across isolated workloads. The vulnerability requires local admin privileges within a guest VM and affects multiple GPU product lines used in data center and HPC environments.

Technical ContextAI

Modern GPU architectures, particularly AMD's RDNA and CDNA-based accelerators, implement virtualization features that isolate compute resources across multiple guest VMs. GPU firmware manages allocation and cleanup of shared hardware resources, including general-purpose registers, cache hierarchies, and execution contexts. CWE-459 (Improper Cleanup or Discarding of Resources) indicates that the firmware fails to properly reset or clear register state when switching execution contexts between guest VMs. In a shared-tenancy GPU environment, this allows a privileged user in one guest to inspect or modify register contents left behind by another guest's workloads, bypassing VM isolation guarantees. The attack surface is specific to virtualized GPU deployments where multiple untrusted tenants share physical accelerator hardware without proper firmware-level context isolation.

RemediationAI

AMD has released firmware updates to properly clean and isolate GPU register state during context switches between guest VMs. Customers should immediately check AMD-SB-6027 and apply the recommended firmware updates for their specific GPU models (MI210, MI300X, MI325X, or Radeon Pro V710). Firmware updates are typically deployed via AMD ROCm stack updates or direct GPU firmware flashing utilities; coordinate with your GPU vendor or cloud provider for deployment timelines. If immediate patching is not feasible, implement compensating controls: restrict guest VM admin privileges via hypervisor security policies (e.g., disable privileged container capabilities, block direct GPU register access), physically isolate VMs belonging to different security domains (avoid time-sharing GPUs between untrusted tenants), and monitor GPU context switching logs for anomalous behavior. Note that privilege restriction mitigates but does not eliminate risk if guest users can escalate or if configuration management errors occur; firmware patching is the definitive fix. Multi-tenant cloud operators should prioritize GPU firmware updates in their vulnerability patching schedules above general compute patches due to the cross-tenant isolation implication.

Share

EUVD-2026-30501 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy