Skip to main content

Amd Instinct Mi210

4 CVEs product

Monthly

CVE-2025-52532 LOW Monitor

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.

Buffer Overflow Amd Radeon Pro V620 Amd Radeon Pro V710 Amd Instinct Mi250 Amd Instinct Mi308X +4
NVD
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-0427 MEDIUM This Month

Improper cleanup of shared GPU firmware registers in AMD Instinct and Radeon Pro accelerators allows admin-privileged attackers within guest virtual machines to access registers allocated to other guest VMs, potentially compromising confidentiality, integrity, or availability across isolated workloads. The vulnerability requires local admin privileges within a guest VM and affects multiple GPU product lines used in data center and HPC environments.

Information Disclosure Amd Instinct Mi210 Amd Instinct Mi300X Amd Instinct Mi325X Amd Radeon Pro V710
NVD VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2025-66660 LOW Monitor

Insufficient parameter sanitization in the AMD TEE SOC Driver's DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command handler allows high-privileged local attackers to trigger incorrect shared memory mapping via malformed parameters, potentially disclosing sensitive information. The vulnerability affects AMD Radeon RX 6000/7000, Radeon Pro W6000/W7000, and Instinct MI-series GPUs. CVSS 1.8 reflects high-privilege requirement and local-only attack vector with severe attack complexity, but the information disclosure impact and active vendor acknowledgment indicate targeted risk to privileged processes.

Information Disclosure Amd Radeon Rx 6000 Series Graphics Products Amd Radeon Rx 7000 Series Graphics Products Amd Radeon Pro W6000 Series Graphics Products Amd Radeon Pro W7000 Series Graphics Products +8
NVD
CVSS 4.0
1.8
EPSS
0.0%
CVE-2022-23826 LOW Monitor

A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity. Rated low severity (CVSS 1.8). No vendor patch available.

Information Disclosure Amd Ryzen 3000 Series Mobile Processors With Radeon Graphics Amd Athlon 3000 Series Mobile Processors With Radeon Graphics Amd Athlon 3000 Series Desktop Processors With Radeon Graphics Amd Ryzen Embedded R1000 Series Processors +17
NVD
CVSS 4.0
1.8
EPSS
0.0%
EPSS 0% CVSS 2.0
LOW Monitor

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.

Buffer Overflow Amd Radeon Pro V620 Amd Radeon Pro V710 +6
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Improper cleanup of shared GPU firmware registers in AMD Instinct and Radeon Pro accelerators allows admin-privileged attackers within guest virtual machines to access registers allocated to other guest VMs, potentially compromising confidentiality, integrity, or availability across isolated workloads. The vulnerability requires local admin privileges within a guest VM and affects multiple GPU product lines used in data center and HPC environments.

Information Disclosure Amd Instinct Mi210 Amd Instinct Mi300X +2
NVD VulDB
EPSS 0% CVSS 1.8
LOW Monitor

Insufficient parameter sanitization in the AMD TEE SOC Driver's DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command handler allows high-privileged local attackers to trigger incorrect shared memory mapping via malformed parameters, potentially disclosing sensitive information. The vulnerability affects AMD Radeon RX 6000/7000, Radeon Pro W6000/W7000, and Instinct MI-series GPUs. CVSS 1.8 reflects high-privilege requirement and local-only attack vector with severe attack complexity, but the information disclosure impact and active vendor acknowledgment indicate targeted risk to privileged processes.

Information Disclosure Amd Radeon Rx 6000 Series Graphics Products Amd Radeon Rx 7000 Series Graphics Products +10
NVD
EPSS 0% CVSS 1.8
LOW Monitor

A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity. Rated low severity (CVSS 1.8). No vendor patch available.

Information Disclosure Amd Ryzen 3000 Series Mobile Processors With Radeon Graphics Amd Athlon 3000 Series Mobile Processors With Radeon Graphics +19
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy