Description
Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.
Scores
CVSS v3
8.8
EPSS
0.0003
EPSS Percentile
9.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-1285
Status
published
Products (40)
AMD/AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics
Radeon Software for Linux 25.10.x
AMD/AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
Radeon Software for Linux 25.10.x
AMD/AMD Instinct™ MI210
ROCm 6.4
AMD/AMD Instinct™ MI250
ROCm 6.4
AMD/AMD Instinct™ MI300A
ROCm 6.4
AMD/AMD Instinct™ MI300X
ROCm 6.4
AMD/AMD Instinct™ MI308X
ROCm 6.4
AMD/AMD Instinct™ MI325X
ROCm 6.4
AMD/AMD Radeon™ PRO V520 Graphics Products
Contact your AMD Customer Engineering representative
AMD/AMD Radeon™ PRO V620 Graphics Products
Contact your AMD Customer Engineering representative
... and 30 more
Published
Sep 06, 2025
Tracked Since
Feb 18, 2026