CVE-2025-52532

Summary

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Radeon™ PRO V620Contact your AMD Customer Engineering representativeunaffected
AMDAMD Radeon™ PRO V710Contact your AMD Customer Engineering representativeunaffected
AMDAMD Instinct™ MI250GIM Driver 8.4unaffected
AMDAMD Instinct™ MI308XGIM Driver 8.4unaffected
AMDAMD Instinct™ MI300AGIM Driver 8.4unaffected
AMDAMD Instinct™ MI300XGIM Driver 8.4unaffected
AMDAMD Instinct™ MI325XGIM Driver 8.4unaffected
AMDAMD Instinct™ MI210GIM Driver 8.4unaffected

Weaknesses

  • CWE-367: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References