CVE-2025-52532 | THREATINT

Description

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv_cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the vulnerable system context.

PUBLISHED Reserved 2025-06-17 | Published 2026-05-15 | Updated 2026-05-15 | Assigner AMD

LOW: 2.0CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

Product status

Default status

affected

Contact your AMD Customer Engineering representative

unaffected

Default status

affected

Contact your AMD Customer Engineering representative

unaffected

Default status

affected

GIM Driver 8.4

unaffected

Default status

affected

GIM Driver 8.4

unaffected

Default status

affected

GIM Driver 8.4

unaffected

Default status

affected

GIM Driver 8.4

unaffected

Default status

affected

GIM Driver 8.4

unaffected

Default status

affected

GIM Driver 8.4

unaffected

Credits

Reported through AMD Bug Bounty Program

References

www.amd.com/...es/product-security/bulletin/AMD-SB-6027.html

cve.org (CVE-2025-52532)

nvd.nist.gov (CVE-2025-52532)

Download JSON