Amd

Instinct Mi300a

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.4

CVE-2023-31323

  • EPSS 0.02%
  • Veröffentlicht 12.02.2026 17:45:12
  • Zuletzt bearbeitet 13.02.2026 14:23:48

Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of confidentia...

6.3

CVE-2024-36319

  • EPSS 0.01%
  • Veröffentlicht 12.02.2026 17:41:06
  • Zuletzt bearbeitet 13.02.2026 14:23:48

Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availab...

7.8

CVE-2023-20548

  • EPSS 0.01%
  • Veröffentlicht 11.02.2026 14:35:16
  • Zuletzt bearbeitet 05.03.2026 17:44:49

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.

7.8

CVE-2023-31324

  • EPSS 0.01%
  • Veröffentlicht 11.02.2026 14:34:54
  • Zuletzt bearbeitet 05.03.2026 17:45:32

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confid...

7.1

CVE-2025-29950

  • EPSS 0.01%
  • Veröffentlicht 10.02.2026 19:10:28
  • Zuletzt bearbeitet 10.02.2026 21:51:48

Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.

6.1

CVE-2025-0010

  • EPSS 0.01%
  • Veröffentlicht 06.09.2025 18:26:15
  • Zuletzt bearbeitet 08.09.2025 16:25:38

An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity, or availability.

6

CVE-2024-36346

  • EPSS 0.03%
  • Veröffentlicht 06.09.2025 17:43:14
  • Zuletzt bearbeitet 08.09.2025 16:25:38

Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.

6.4

CVE-2024-36347

  • EPSS 0.01%
  • Veröffentlicht 27.06.2025 22:14:01
  • Zuletzt bearbeitet 30.06.2025 18:38:23

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiali...

7.5

CVE-2023-31345

  • EPSS 0.03%
  • Veröffentlicht 12.02.2025 00:15:08
  • Zuletzt bearbeitet 23.09.2025 22:15:32

Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution.

5

CVE-2023-20508

  • EPSS 0.05%
  • Veröffentlicht 12.02.2025 00:15:07
  • Zuletzt bearbeitet 12.02.2025 00:15:07

Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability.