Skip to main content

Amd Instinct Mi300A

5 CVEs product

Monthly

CVE-2024-21950 LOW Monitor

An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of. Rated low severity (CVSS 1.8). No vendor patch available.

Buffer Overflow Information Disclosure Amd Instinct Mi300X Amd Instinct Mi300A Amd Instinct Mi325X +1
NVD
CVSS 4.0
1.8
EPSS
0.0%
CVE-2025-52532 LOW Monitor

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.

Buffer Overflow Amd Radeon Pro V620 Amd Radeon Pro V710 Amd Instinct Mi250 Amd Instinct Mi308X +4
NVD
CVSS 4.0
2.0
EPSS
0.0%
CVE-2024-36323 HIGH This Week

Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine (VM) or a process to perform unauthorized access to the register space of the JPEG cores assigned a. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Amd Radeon Rx 7000 Series Graphics Products Amd Radeon Pro W7000 Series Graphics Products Amd Instinct Mi308X Amd Instinct Mi325X +2
NVD VulDB
CVSS 4.0
8.8
EPSS
0.0%
CVE-2025-66660 LOW Monitor

Insufficient parameter sanitization in the AMD TEE SOC Driver's DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command handler allows high-privileged local attackers to trigger incorrect shared memory mapping via malformed parameters, potentially disclosing sensitive information. The vulnerability affects AMD Radeon RX 6000/7000, Radeon Pro W6000/W7000, and Instinct MI-series GPUs. CVSS 1.8 reflects high-privilege requirement and local-only attack vector with severe attack complexity, but the information disclosure impact and active vendor acknowledgment indicate targeted risk to privileged processes.

Information Disclosure Amd Radeon Rx 6000 Series Graphics Products Amd Radeon Rx 7000 Series Graphics Products Amd Radeon Pro W6000 Series Graphics Products Amd Radeon Pro W7000 Series Graphics Products +8
NVD
CVSS 4.0
1.8
EPSS
0.0%
CVE-2026-0428 LOW Monitor

Insufficient parameter sanitization in TEE SOC Driver on AMD Instinct MI300A, MI300X, MI308X, and MI325X accelerators allows local high-privileged attackers to issue malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS commands that write invalid data to remote Dies, resulting in availability impact through unexpected behavior. The vulnerability requires local access and high privileges, with a CVSS score of 1.8 indicating minimal real-world risk despite potential data integrity concerns.

Information Disclosure Amd Instinct Mi300A Amd Instinct Mi300X Amd Instinct Mi308X Amd Instinct Mi325X
NVD
CVSS 4.0
1.8
EPSS
0.0%
EPSS 0% CVSS 1.8
LOW Monitor

An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of. Rated low severity (CVSS 1.8). No vendor patch available.

Buffer Overflow Information Disclosure Amd Instinct Mi300X +3
NVD
EPSS 0% CVSS 2.0
LOW Monitor

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.

Buffer Overflow Amd Radeon Pro V620 Amd Radeon Pro V710 +6
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine (VM) or a process to perform unauthorized access to the register space of the JPEG cores assigned a. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Amd Radeon Rx 7000 Series Graphics Products Amd Radeon Pro W7000 Series Graphics Products +4
NVD VulDB
EPSS 0% CVSS 1.8
LOW Monitor

Insufficient parameter sanitization in the AMD TEE SOC Driver's DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command handler allows high-privileged local attackers to trigger incorrect shared memory mapping via malformed parameters, potentially disclosing sensitive information. The vulnerability affects AMD Radeon RX 6000/7000, Radeon Pro W6000/W7000, and Instinct MI-series GPUs. CVSS 1.8 reflects high-privilege requirement and local-only attack vector with severe attack complexity, but the information disclosure impact and active vendor acknowledgment indicate targeted risk to privileged processes.

Information Disclosure Amd Radeon Rx 6000 Series Graphics Products Amd Radeon Rx 7000 Series Graphics Products +10
NVD
EPSS 0% CVSS 1.8
LOW Monitor

Insufficient parameter sanitization in TEE SOC Driver on AMD Instinct MI300A, MI300X, MI308X, and MI325X accelerators allows local high-privileged attackers to issue malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS commands that write invalid data to remote Dies, resulting in availability impact through unexpected behavior. The vulnerability requires local access and high privileges, with a CVSS score of 1.8 indicating minimal real-world risk despite potential data integrity concerns.

Information Disclosure Amd Instinct Mi300A Amd Instinct Mi300X +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy