CVE-2026-0481

Summary

Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability

Affected Software

VendorProductVersion RangeStatus
AMDAMD Instinct™ MI210DME v1.4.1.2 and v1.4.0.1unaffected
AMDAMD Instinct™ MI250DME v1.4.1.2 and v1.4.0.1unaffected
AMDAMD Instinct™ MI300ADME v1.4.1.2 and v1.4.0.1unaffected
AMDAMD Instinct™ MI300XDME v1.4.1.2 and v1.4.0.1unaffected
AMDAMD Instinct™ MI325XDME v1.4.1.2 and v1.4.0.1unaffected
AMDAMD Instinct™ MI350XDME v1.4.1.2 and v1.4.0.1unaffected
AMDAMD Instinct™ MI355XDME v1.4.1.2 and v1.4.0.1unaffected
AMDAMD Instinct™ MI308XDME v1.4.1.2 and v1.4.0.1unaffected
AMDAMD Instinct™ MI250XDME v1.4.1.2 and v1.4.0.1unaffected

Weaknesses

  • CWE-1327: CWE-1327 Binding to an Unrestricted IP Address

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References