Insufficient Parameter Sanitization in AMD Secure Processor TEE SOC Driver
CVE-2025-66664

4.6 MEDIUM

What is CVE-2025-66664?

The AMD Secure Processor TEE SOC Driver does not adequately sanitize input parameters. An attacker can send a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command that causes an out-of-bounds read. This could expose sensitive memory contents within the SOC Driver or trigger exceptions that disrupt normal operation.

Affected Version(s)

AMD Instinct™ MI210 ROCm 7.0

AMD Instinct™ MI250 ROCm 7.0

AMD Instinct™ MI300A BKC 26 (ROCm 7.0.1)

CVSS V4

Score: 4.6
Severity: MEDIUM
Confidentiality: Low
Integrity: None
Availability: Low
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
