Description
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior.
Published: 2026-05-15
Score: 1.8 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Insufficient sanitization of a TEE SOC driver command allows an attacker to inject a malformed SRIOV_CHECK_TA_COMPAT request. This can cause the driver to map shared memory incorrectly, which in turn may lead to memory corruption, application crashes, or denial of service. The CVSS score indicates a low overall risk, but the lack of proper memory handling leaves the system vulnerable to unpredictable behavior.

Affected Systems

AMD Instinct MI210, AMD Instinct MI250, AMD Instinct MI300A, AMD Instinct MI300X, AMD Instinct MI308X, AMD Instinct MI325X, AMD Radeon PRO V620, AMD Radeon PRO V710, AMD Radeon PRO W6000 Series Graphics, AMD Radeon PRO W7000 Series Graphics, AMD Radeon RX 6000 Series Graphics, AMD Radeon RX 7000 Series Graphics

Risk and Exploitability

With a CVSS score of 1.8 and no EPSS data available, the exploitation likelihood is low but not negligible. The vulnerability is not listed in the CISA KEV catalog, suggesting no confirmed widespread exploitation. The attack likely requires local privileges or access to the TEE SOC driver, indicating a local or privileged attack vector. The impact is limited to driver stability and potential denial of service rather than remote code execution.

Generated by OpenCVE AI on May 15, 2026 at 04:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check AMD’s product‑security bulletin for an updated driver release and install it as soon as possible
  • Restrict user access to the TEE SOC driver by applying least‑privilege principles and disabling any unnecessary services that load the driver
  • Configure system monitoring to detect abnormal memory mapping or driver crashes, and investigate any incidents promptly

Generated by OpenCVE AI on May 15, 2026 at 04:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 15 May 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 15 May 2026 11:45:00 +0000

Type Values Removed Values Added
First Time appeared Amd
Amd instinct Mi210
Amd instinct Mi250
Amd instinct Mi300a
Amd instinct Mi300x
Amd instinct Mi308x
Amd instinct Mi325x
Amd radeon Pro V620
Amd radeon Pro V710
Amd radeon Pro W6000 Series
Amd radeon Pro W7000 Series
Amd radeon Rx 6000 Series
Amd radeon Rx 7000 Series
Vendors & Products Amd
Amd instinct Mi210
Amd instinct Mi250
Amd instinct Mi300a
Amd instinct Mi300x
Amd instinct Mi308x
Amd instinct Mi325x
Amd radeon Pro V620
Amd radeon Pro V710
Amd radeon Pro W6000 Series
Amd radeon Pro W7000 Series
Amd radeon Rx 6000 Series
Amd radeon Rx 7000 Series

Fri, 15 May 2026 04:45:00 +0000

Type Values Removed Values Added
Title Incorrect Shared Memory Mapping via Malformed TEE SOC Command

Fri, 15 May 2026 03:00:00 +0000

Type Values Removed Values Added
Description Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior.
Weaknesses CWE-1284
References
Metrics cvssV4_0

{'score': 1.8, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Amd Instinct Mi210 Instinct Mi250 Instinct Mi300a Instinct Mi300x Instinct Mi308x Instinct Mi325x Radeon Pro V620 Radeon Pro V710 Radeon Pro W6000 Series Radeon Pro W7000 Series Radeon Rx 6000 Series Radeon Rx 7000 Series
cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2026-05-15T16:10:53.782Z

Reserved: 2025-12-06T15:03:58.970Z

Link: CVE-2025-66660

cve-icon Vulnrichment

Updated: 2026-05-15T16:10:02.108Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-15T03:16:22.617

Modified: 2026-05-15T14:10:17.083

Link: CVE-2025-66660

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T11:20:59Z

Weaknesses