Radeon Instinct Mi25 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-26377	1 Amd	11 Athlon, Athlon 3000, Radeon Instinct Mi25 and 8 more	2025-09-08	4.1 Medium
Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.
CVE-2023-20516	1 Amd	7 Instinct Mi210, Instinct Mi250, Radeon and 4 more	2025-09-08	3.3 Low
Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.
CVE-2024-36352	1 Amd	11 Athlon, Athlon 3000, Radeon Instinct Mi25 and 8 more	2025-09-08	8.4 High
Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or denial of service.
CVE-2023-4969	3 Amd, Imaginationtech, Khronos	261 Athlon 3000g, Athlon 3000g Firmware, Instinct Mi100 and 258 more	2025-06-20	6.5 Medium
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.

Page 1 of 1.