CVE-2026-0428 | THREATINT

Description

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS to write invalid data to a remote Die, potentially resulting in unexpected behavior.

PUBLISHED Reserved 2025-12-06 | Published 2026-05-15 | Updated 2026-05-15 | Assigner AMD

LOW: 1.8CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-1284 Improper Validation of Specified Quantity in Input

Product status

Default status

affected

BKC 26

unaffected

Default status

affected

ROCm 6.3.1

unaffected

Default status

affected

ROCm 6.4.2

unaffected

Default status

affected

ROCm 6.3.1

unaffected

References

www.amd.com/...es/product-security/bulletin/AMD-SB-6027.html

cve.org (CVE-2026-0428)

nvd.nist.gov (CVE-2026-0428)

Download JSON

help @ threatint.eu