Primary

Context

AMD Secure Processor TOCTOU Race Condition Vulnerability Allowing Modification of XGMI TA Commands

Vulnerability

A time-of-check time-of-use (TOCTOU) race condition has been identified in the AMD Secure Processor (ASP). This vulnerability could allow an attacker to alter External Global Memory Interconnect Trusted Agent (XGMI TA) commands during processing, potentially leading to a loss of confidentiality, integrity, or availability.

Impact

Exploitation of this vulnerability could result in unauthorized modifications to XGMI TA commands, with potential consequences for confidentiality, integrity, or availability.

Remediation

Users can update to the AMD ROCm version 6.4 or later. For AMD Radeon PRO V7000 Series Graphics Products, contact your AMD Customer Engineering representative.

Added: Feb 11, 2026, 3:24 PM

Updated: Feb 11, 2026, 5:58 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

2.9

remediation

0.0

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

2.9

remediation

0.0

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AMD Secure Processor TOCTOU Race Condition Vulnerability Allowing Modification of XGMI TA Commands

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating