Description
Out of bounds write in AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to escalate privileges via remote code execution.
CVSS breakdown
CVSS 4.0
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
Low
User Interaction
None
Confidentiality (Vulnerable System)
High
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- AMD / AMD Instinct™ MI210GIM Driver 8.4 – GIM Driver 8.4
- AMD / AMD Instinct™ MI250GIM Driver 8.4 – GIM Driver 8.4
- AMD / AMD Instinct™ MI300AGIM Driver 8.4 – GIM Driver 8.4
- AMD / AMD Instinct™ MI300XGIM Driver 8.4 – GIM Driver 8.4
- AMD / AMD Instinct™ MI308XGIM Driver 8.4 – GIM Driver 8.4
- AMD / AMD Instinct™ MI325XGIM Driver 8.4 – GIM Driver 8.4
- AMD / AMD Radeon™ PRO V620Contact your AMD Customer Engineering representative – Contact your AMD Customer Engineering representative
- AMD / AMD Radeon™ PRO V710Contact your AMD Customer Engineering representative – Contact your AMD Customer Engineering representative