Skip to main content

Amd Instinct Mi250

3 CVEs product

Monthly

CVE-2025-52532 LOW Monitor

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.

Buffer Overflow Amd Radeon Pro V620 Amd Radeon Pro V710 Amd Instinct Mi250 Amd Instinct Mi308X +4
NVD
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-66660 LOW Monitor

Insufficient parameter sanitization in the AMD TEE SOC Driver's DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command handler allows high-privileged local attackers to trigger incorrect shared memory mapping via malformed parameters, potentially disclosing sensitive information. The vulnerability affects AMD Radeon RX 6000/7000, Radeon Pro W6000/W7000, and Instinct MI-series GPUs. CVSS 1.8 reflects high-privilege requirement and local-only attack vector with severe attack complexity, but the information disclosure impact and active vendor acknowledgment indicate targeted risk to privileged processes.

Information Disclosure Amd Radeon Rx 6000 Series Graphics Products Amd Radeon Rx 7000 Series Graphics Products Amd Radeon Pro W6000 Series Graphics Products Amd Radeon Pro W7000 Series Graphics Products +8
NVD
CVSS 4.0
1.8
EPSS
0.0%
CVE-2022-23826 LOW Monitor

A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity. Rated low severity (CVSS 1.8). No vendor patch available.

Information Disclosure Amd Ryzen 3000 Series Mobile Processors With Radeon Graphics Amd Athlon 3000 Series Mobile Processors With Radeon Graphics Amd Athlon 3000 Series Desktop Processors With Radeon Graphics Amd Ryzen Embedded R1000 Series Processors +17
NVD
CVSS 4.0
1.8
EPSS
0.0%
EPSS 0% CVSS 2.0
LOW Monitor

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.

Buffer Overflow Amd Radeon Pro V620 Amd Radeon Pro V710 +6
NVD
EPSS 0% CVSS 1.8
LOW Monitor

Insufficient parameter sanitization in the AMD TEE SOC Driver's DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command handler allows high-privileged local attackers to trigger incorrect shared memory mapping via malformed parameters, potentially disclosing sensitive information. The vulnerability affects AMD Radeon RX 6000/7000, Radeon Pro W6000/W7000, and Instinct MI-series GPUs. CVSS 1.8 reflects high-privilege requirement and local-only attack vector with severe attack complexity, but the information disclosure impact and active vendor acknowledgment indicate targeted risk to privileged processes.

Information Disclosure Amd Radeon Rx 6000 Series Graphics Products Amd Radeon Rx 7000 Series Graphics Products +10
NVD
EPSS 0% CVSS 1.8
LOW Monitor

A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity. Rated low severity (CVSS 1.8). No vendor patch available.

Information Disclosure Amd Ryzen 3000 Series Mobile Processors With Radeon Graphics Amd Athlon 3000 Series Mobile Processors With Radeon Graphics +19
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy