CNNVD-202509-3638 Information

CNNVD ID

CNNVD-202509-3638

Related CVE

CVE-2024-21935

• CNNVD Published: 2025-09-23

Description (Chinese)

AMD Instinct MI300X accelerators是美国超威半导体（AMD）公司的一款数据中心级GPU加速卡。 AMD Instinct MI300X accelerators存在安全漏洞，该漏洞源于输入验证不当，可能导致特权攻击者通过Redfish API命令删除本地根目录文件，造成数据损坏。

Description (English)

AMD Institute MI300X accelerators are a data centre-level GPU accelerator at AMD. AMD Insurance MI300X accelerators have a security loophole, which stems from inappropriate input validation, which may lead the privileged assailant to remove the local root directory file by Redfish API command, causing data damage.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ametys

Published

2025-09-23

Last Modified

2026-02-24

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6016.html

Patch

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6016.html