Do not open a public GitHub issue. Report privately via one of:

• GitHub Private Vulnerability Reporting: Report a vulnerability
• AMD Product Security portal: https://www.amd.com/en/resources/product-security.html

Please include: description and impact, steps to reproduce, and affected versions or commits.

We aim to acknowledge reports within 1 business day.

This policy covers code and configuration in this repository. For issues in third-party dependencies, report upstream. For AMD product issues unrelated to this repo, use the AMD Product Security portal.