Primary

Context

AMD GPU Firmware Improper Resource Cleanup Vulnerability Allowing Cross-VM Access

Vulnerability

Patched

A vulnerability exists in AMD GPU firmware due to improper cleanup of shared register resources. This issue could enable an admin-privileged attacker from one Guest Virtual Machine (VM) to access shared resources of another Guest VM, potentially leading to a loss of confidentiality, integrity, or availability.

Impact

Exploitation of this vulnerability could result in unauthorized access to shared register resources between Guest VMs, allowing for potential interference with the confidentiality, integrity, or availability of data or processes.

Remediation

Users are advised to update to GIM Driver version 8.2.0.K, available as part of the AMD Instinct MI210 and MI250 driver package.

Added: May 15, 2026, 3:21 AM

Updated: May 15, 2026, 3:21 AM

Vulnerability Rating

Custom Algorithm

spread

1.2

impact

0.6

exploitability

2.4

remediation

7.7

relevance

8.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.2

impact

0.6

exploitability

2.4

remediation

7.7

relevance

8.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AMD GPU Firmware Improper Resource Cleanup Vulnerability Allowing Cross-VM Access

Vulnerability

Impact

Remediation

Affected Products

AMD Instinct MI210

AMD Instinct MI250

AMD Instinct MI300X

AMD Instinct MI308X

AMD Instinct MI325X

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating