Out-of-bounds Read in Amd Instinct™ Mi300a

CVE-2024-21950

An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of confidentiality or availability.

Vulnerability class: Buffer Overflow

EPSS: 0.000 (4.5th percentile) — read the EPSS interpretation.

Affected products

Amd Instinct™ Mi300a — versions No fix planned
Amd Instinct™ Mi300x — versions No fix planned
Amd Instinct™ Mi308x — versions No fix planned
Amd Instinct™ Mi325x — versions No fix planned

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

psirt@amd.com