Amd instinct™ mi300a
This hub aggregates every CVE we track for Amd instinct™ mi300a, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
0
Critical
6
High
0
In CISA KEV
Severity distribution
HIGH6MEDIUM4
Monthly trend
0
0
0
0
0
0
0
4
0
0
0
1
0
0
3
0
0
0
0
2
0
0
0
0
2024-072026-06
Latest CVEs
The 10 most recently published vulnerabilities affecting Amd instinct™ mi300a.
- CVE-2023-20548A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.7.8
- CVE-2023-31324A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they ...7.8
- CVE-2025-0010An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity, or availability.6.1
- CVE-2024-36346Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.6.0
- CVE-2024-36342Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.8.8
- CVE-2024-36347Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrit...6.4
- CVE-2023-31345Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5
- CVE-2023-20508Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidenti...5.0
- CVE-2023-31343Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5
- CVE-2023-31342Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.7.5
Product normalization is registry-driven with AI assist and human review. How it works