Amd Amd Instinct™ Mi250
19 CVEs affecting Amd Amd Instinct™ Mi250. Latest disclosed: 2026-05-15. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36342 | High | 8.8 | 2025-09-06 | Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution. |
CVE-2021-26383 | High | 7.9 | 2025-09-05 | Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker with a compromised userspace to invoke a command with malformed… |
CVE-2023-31313 | High | 7.2 | 2026-02-12 | An unintended proxy or intermediary in the AMD power management firmware (PMFW) could allow a privileged attacker to send malformed messages to the system mana… |
CVE-2022-23817 | High | 7.0 | 2024-08-13 | Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the… |
CVE-2025-0010 | Medium | 6.1 | 2025-09-06 | An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity… |
CVE-2023-20516 | Low | 3.3 | 2025-09-06 | Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in… |
CVE-2023-31326 | Low | 2.8 | 2025-09-06 | Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially lead… |
CVE-2026-0481 | | 2026-05-15 | Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU co… | |
CVE-2025-52532 | | 2026-05-15 | A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioc… | |
CVE-2025-66664 | | 2026-05-15 | Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-… | |
CVE-2025-66660 | | 2026-05-15 | Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT to cause incorrect shar… | |
CVE-2025-54517 | | 2026-05-15 | Out of bounds write in AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to escalate privileges via remote code execution. | |
CVE-2025-54511 | | 2026-05-15 | Improper handling of insufficient privileges in the AMD Secure Processor (ASP) could allow an attacker to provide an input value to a function without sufficie… | |
CVE-2023-31317 | | 2026-05-15 | Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer (ASP) could allow an attacker to read or write to protected… | |
CVE-2023-31316 | | 2026-05-15 | Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker… | |
CVE-2022-23826 | | 2026-05-15 | A TOCTOU (Time-Of-Check to Time-Of-Use) in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially lead… | |
CVE-2023-31323 | | 2026-02-12 | Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent… | |
CVE-2023-20548 | | 2026-02-11 | A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity… | |
CVE-2023-31324 | | 2026-02-11 | A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Tru… |