Vulnerability in Amd Instinct™ Mi210

CVE-2023-31323

Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of…

EPSS: 0.000 (6.2th percentile) — read the EPSS interpretation.

Affected products

Amd Instinct™ Mi210 — versions ROCm 6.2
Amd Instinct™ Mi250 — versions ROCm 6.2
Amd Instinct™ Mi300a — versions ROCm 6.2
Amd Instinct™ Mi300x — versions ROCm 6.2
Amd Radeon™ Pro Vii — versions No fix planned
Amd Radeon™ Pro W5000 Series Graphics Products — versions AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
Amd Radeon™ Rx 5000 Series Graphics Products — versions AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
Amd Radeon™ Vii — versions No fix planned

Weakness classification (CWE)

CWE-843 — Access of Resource Using Incompatible Type (Type Confusion)

References

www.amd.com/en/resources/product-security/bulletin/AMD-SB-6024.html