Vulnerability in Amd Instinct™ Mi210

CVE-2026-0481

Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability

EPSS: 0.002 (41.2th percentile) — read the EPSS interpretation.

Affected products

Amd Instinct™ Mi210 — versions DME v1.4.1.2 and v1.4.0.1
Amd Instinct™ Mi250 — versions DME v1.4.1.2 and v1.4.0.1
Amd Instinct™ Mi250x — versions DME v1.4.1.2 and v1.4.0.1
Amd Instinct™ Mi300a — versions DME v1.4.1.2 and v1.4.0.1
Amd Instinct™ Mi300x — versions DME v1.4.1.2 and v1.4.0.1
Amd Instinct™ Mi308x — versions DME v1.4.1.2 and v1.4.0.1
Amd Instinct™ Mi325x — versions DME v1.4.1.2 and v1.4.0.1
Amd Instinct™ Mi350x — versions DME v1.4.1.2 and v1.4.0.1
Amd Instinct™ Mi355x — versions DME v1.4.1.2 and v1.4.0.1

Weakness classification (CWE)

CWE-1327

References

psirt@amd.com