Vulnerability in Amd Instinct™ Mi210

CVE-2025-52532

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer over…

Vulnerability class: TOCTOU (Time-of-Check to Time-of-Use)

EPSS: 0.000 (2.9th percentile) — read the EPSS interpretation.

Affected products

Amd Instinct™ Mi210 — versions GIM Driver 8.4
Amd Instinct™ Mi250 — versions GIM Driver 8.4
Amd Instinct™ Mi300a — versions GIM Driver 8.4
Amd Instinct™ Mi300x — versions GIM Driver 8.4
Amd Instinct™ Mi308x — versions GIM Driver 8.4
Amd Instinct™ Mi325x — versions GIM Driver 8.4
Amd Radeon™ Pro V620 — versions Contact your AMD Customer Engineering representative
Amd Radeon™ Pro V710 — versions Contact your AMD Customer Engineering representative

Weakness classification (CWE)

CWE-367 — Time-of-check Time-of-use (TOCTOU) Race Condition

References

psirt@amd.com