CVE-2026-0428: TEE SOC Driver Sanitation Flaw Allows Unauthorized Reg Write
CVE-2026-0428 Published on May 15, 2026

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS to write invalid data to a remote Die, potentially resulting in unexpected behavior.

NVD

Weakness Type

Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

Affected Versions

AMD Instinct™ MI300A:

Version BKC 26 is unaffected.

AMD Instinct™ MI300X:

Version ROCm 6.3.1 is unaffected.

AMD Instinct™ MI308X:

Version ROCm 6.4.2 is unaffected.

AMD Instinct™ MI325X:

Version ROCm 6.3.1 is unaffected.

CVE-2026-0428: TEE SOC Driver Sanitation Flaw Allows Unauthorized Reg WriteCVE-2026-0428 Published on May 15, 2026

Weakness Type

Improper Validation of Specified Quantity in Input

Affected Versions

CVE-2026-0428: TEE SOC Driver Sanitation Flaw Allows Unauthorized Reg Write
CVE-2026-0428 Published on May 15, 2026