HIGH SeverityCVSS 4.08.5CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVE-2025-54517
Last updated May 15, 2026 · Published May 15, 2026
Description
Out of bounds write in AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to escalate privileges via remote code execution.
Affected products
1 listed- AMD:AMD Instinct™ MI210; AMD:AMD Instinct™ MI250; AMD:AMD Instinct™ MI300A; AMD:AMD Instinct™ MI300X; AMD:AMD Instinct™ MI308X; AMD:AMD Instinct™ MI325X; AMD:AMD Radeon™ PRO V620; AMD:AMD Radeon™ PRO V710
Mappings
CWE
CWE-787
CAPEC
None listed.
Related
Training
- Authorisation and Access ControlRBAC, ABAC, and privilege escalation patterns in real applications.
- Injection TodaySQL, NoSQL, ORM, and LLM injection - what's changed and what hasn't.
- Input Validation and Schema EnforcementValidate early, validate strictly - schemas, allowlists, and type-safe boundaries.
CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms