CVE-2026-0427

Summary

Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine (VM) to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability.

Affected Software

VendorProductVersion RangeStatus
AMDAMD Instinct™ MI210GIM 8.2.0.Kunaffected
AMDAMD Instinct™ MI300XGIM 8.2.0.Kunaffected
AMDAMD Instinct™ MI325XGIM 8.2.0.Kunaffected
AMDAMD Radeon™ PRO V710Contact your AMD Customer Engineering representativeunaffected

Weaknesses

  • CWE-459: CWE-459 Incomplete Cleanup

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References