Primary

Context

AMD TEE SOC Driver Insufficient Parameter Sanitization Vulnerability Allowing Malformed Command Exploitation

Vulnerability

Patched

A vulnerability exists in the AMD Trusted Execution Environment (TEE) System-on-Chip (SoC) driver due to inadequate parameter sanitization. This flaw could enable an attacker to send a malformed command, specifically 'DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS', to a remote die. The exploitation of this vulnerability could result in the unauthorized writing of invalid data to the remote die, potentially causing unexpected behavior in the system.

Impact

Exploitation of this vulnerability could lead to unexpected behavior in the affected system.

Remediation

Users are advised to update to AMD ROCm version 6.3.1 or later. For AMD Radeon PRO V620 graphics cards, update to version 25.Q4 (25.10.37.01).

Added: May 15, 2026, 3:19 AM

Updated: May 15, 2026, 3:19 AM

Vulnerability Rating

Custom Algorithm

spread

1.2

impact

0.2

exploitability

3.3

remediation

7.7

relevance

8.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.2

impact

0.2

exploitability

3.3

remediation

7.7

relevance

8.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AMD TEE SOC Driver Insufficient Parameter Sanitization Vulnerability Allowing Malformed Command Exploitation

Vulnerability

Impact

Remediation

Affected Products

AMD Instinct MI300A

AMD Instinct MI300X

AMD Instinct MI308X

AMD Instinct MI325X

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating