Insufficient Parameter Sanitization in AMD TEE SOC Driver
CVE-2025-66660

1.8 LOW

What is CVE-2025-66660?

A vulnerability has been identified in the AMD TEE SOC Driver: insufficient sanitization of parameters allows an attacker to send a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT command. This can lead to incorrect shared memory mapping, which may cause unexpected behavior in the affected systems. Addressing this vulnerability is crucial for maintaining the integrity and security of devices utilizing the AMD TEE SOC Driver.

Affected Version(s)

AMD Instinct™ MI210 ROCm 7.0.1

AMD Instinct™ MI250 ROCm 7.0.1

AMD Instinct™ MI300A BKC 26

CVSS V4

Score: 1.8
Severity: LOW
Confidentiality: None
Integrity: None
Availability: Low
Attack Vector: Local
Attack Complexity: High
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
