VDB
CISA-2025-0034
CISA-2025-0034
PUBLISHED
CVSS 4.7 MEDIUM
Reported by AMD · Published September 6, 2025
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service.
Risk Scores
CVSS 3.1
4.7
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| AMD | AMD Instinct™ MI300X | ROCm 6.3 |
| AMD | AMD Instinct™ MI325X | ROCm 6.3 |
| AMD | AMD Instinct™ MI300X | ROCm 6.3, ROCm 6.3 |
| AMD | AMD Instinct™ MI325X | ROCm 6.3, * |
Timeline
- Sep 6, 2025 CVE Published
- Sep 8, 2025 CVE Updated