Improper Resource Management in GPU Firmware by AMD
CVE-2026-0427

4.6MEDIUM

Key Information:

Vendor: Amd
Status: Amd Instinct™ Mi210; Amd Instinct™ Mi300x; Amd Instinct™ Mi325x; Amd Radeon™ Pro V710
Vendor: CVE Published:; 15 May 2026

What is CVE-2026-0427?

A flaw in AMD's GPU firmware relates to improper cleanup of shared register resources, enabling an admin-privileged attacker from one Guest Virtual Machine (VM) to retrieve sensitive information or manage resources of another Guest VM. This vulnerability can lead to potential breaches in confidentiality, integrity, and availability, highlighting the critical need for robust security measures within virtualized environments.

Affected Version(s)

AMD Instinct™ MI210 GIM 8.2.0.K

AMD Instinct™ MI300X GIM 8.2.0.K

AMD Instinct™ MI325X GIM 8.2.0.K

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

4.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
Dec 6, 2025

CVE-2026-0427 Data

JSON

Amd

What is CVE-2026-0427?

Affected Version(s)

References

CVSS V4

Timeline