amdsmi@5.6.1 vulnerabilities

AMDSMI Python LIB - AMD GPU Monitoring Library

Direct Vulnerabilities

Known vulnerabilities in the amdsmi package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Improper Privilege Management

amdsmi is an AMDSMI Python LIB - AMD GPU Monitoring Library

Affected versions of this package are vulnerable to Improper Privilege Management via the amdsmi_set_gpu_process_isolation and amdsmi_set_gpu_clear_sram_data due to improper handling of root-required operations for process isolation and SRAM data clearing. Attackers could exploit misconfigured permissions to gain unauthorized access or manipulate GPU processes.

Note:

This vulnerability is specific to systems where these features are enabled without adequate security measures.

How to fix Improper Privilege Management?

Upgrade amdsmi to version 6.1.2 or higher.

[,6.1.2)