Amd Instinct Mi300A
Monthly
An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of. Rated low severity (CVSS 1.8). No vendor patch available.
A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.
Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine (VM) or a process to perform unauthorized access to the register space of the JPEG cores assigned a. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Insufficient parameter sanitization in the AMD TEE SOC Driver's DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command handler allows high-privileged local attackers to trigger incorrect shared memory mapping via malformed parameters, potentially disclosing sensitive information. The vulnerability affects AMD Radeon RX 6000/7000, Radeon Pro W6000/W7000, and Instinct MI-series GPUs. CVSS 1.8 reflects high-privilege requirement and local-only attack vector with severe attack complexity, but the information disclosure impact and active vendor acknowledgment indicate targeted risk to privileged processes.
Insufficient parameter sanitization in TEE SOC Driver on AMD Instinct MI300A, MI300X, MI308X, and MI325X accelerators allows local high-privileged attackers to issue malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS commands that write invalid data to remote Dies, resulting in availability impact through unexpected behavior. The vulnerability requires local access and high privileges, with a CVSS score of 1.8 indicating minimal real-world risk despite potential data integrity concerns.
An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of. Rated low severity (CVSS 1.8). No vendor patch available.
A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.
Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine (VM) or a process to perform unauthorized access to the register space of the JPEG cores assigned a. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Insufficient parameter sanitization in the AMD TEE SOC Driver's DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command handler allows high-privileged local attackers to trigger incorrect shared memory mapping via malformed parameters, potentially disclosing sensitive information. The vulnerability affects AMD Radeon RX 6000/7000, Radeon Pro W6000/W7000, and Instinct MI-series GPUs. CVSS 1.8 reflects high-privilege requirement and local-only attack vector with severe attack complexity, but the information disclosure impact and active vendor acknowledgment indicate targeted risk to privileged processes.
Insufficient parameter sanitization in TEE SOC Driver on AMD Instinct MI300A, MI300X, MI308X, and MI325X accelerators allows local high-privileged attackers to issue malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS commands that write invalid data to remote Dies, resulting in availability impact through unexpected behavior. The vulnerability requires local access and high privileges, with a CVSS score of 1.8 indicating minimal real-world risk despite potential data integrity concerns.