Amd instinct™ mi300x
This hub aggregates every CVE we track for Amd instinct™ mi300x, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM6HIGH3
Monthly trend
0
0
0
0
0
0
0
1
0
0
0
0
0
0
6
0
0
0
0
2
0
0
0
0
2024-072026-06
Latest CVEs
The 9 most recently published vulnerabilities affecting Amd instinct™ mi300x.
- CVE-2023-20548A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.7.8
- CVE-2023-31324A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they ...7.8
- CVE-2024-21935Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentia...5.0
- CVE-2024-21927Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service pro...5.0
- CVE-2025-0034Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potent...4.7
- CVE-2025-0010An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity, or availability.6.1
- CVE-2024-36346Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.6.0
- CVE-2024-36342Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.8.8
- CVE-2023-20508Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidenti...5.0
Product normalization is registry-driven with AI assist and human review. How it works