Vulnerability in Amd Instinct™ Mi210
CVE-2023-31324
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in los…
Vulnerability class: TOCTOU (Time-of-Check to Time-of-Use)
EPSS: 0.000 (0.3th percentile) — read the EPSS interpretation.
Affected products
- Amd Instinct™ Mi210 — versions ROCm 6.4
- Amd Instinct™ Mi250 — versions ROCm 6.4
- Amd Instinct™ Mi300a — versions ROCm 6.4
- Amd Instinct™ Mi300x — versions ROCm 6.4
- Amd Radeon™ Pro W5000 Series Graphics Products — versions AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)
- Amd Radeon™ Rx 5000 Series Graphics Products — versions AMD Software: Adrenalin Edition 25.6.1 (25.10.13.01), AMD Software: PRO Edition 25.Q2 (25.10.10)