CVE-2025-0044

An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentiality and availability...

EUVD-2025-209880

An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentiality and availability...

CVE-2023-31309

CVE-2023-31309 describes an improper validation vulnerability in AMD's Power Management Firmware (PMFW). The issue allows a user with privileges to pass malformed workload arguments when exporting table data from the System Management Unit (SMU) to DRAM, potentially causing loss of confidentialit...

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

EUVD-2025-209878

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

CVE-2025-54511

CVE-2025-54511 affects the AMD Secure Processor (ASP). The AMD bulletin and NVD entry state that improper handling of insufficient privileges could allow an attacker to provide an input value to a function without sufficient privileges and write data, potentially impacting integrity and availabil...

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...

CVE-2023-31316

Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor ASP could allow an attacker with the ability to write outside the trusted memory range TMR to change the execution flow of the Video Core Next VCN firmware potentially...

CVE-2023-31316

CVE-2023-31316 affects the AMD Secure Processor (ASP) and Video Core Next (VCN) firmware. The root cause is improper preservation of hardware configuration state during a power save/restore operation, allowing a local attacker who can write outside the trusted memory range (TMR) to alter VCN firm...

CVE-2023-31316

Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor ASP could allow an attacker with the ability to write outside the trusted memory range TMR to change the execution flow of the Video Core Next VCN firmware potentially...

CVE-2025-29935

An out of bounds write within the AMD Platform Management Framework PMF could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability...

CVE-2025-29937

An out of bounds read within the AMD Platform Management Framework PMF could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality...

CVE-2025-29937

The CVE-2025-29937 entry concerns an out-of-bounds read in the AMD Platform Management Framework (PMF) . The vulnerability could allow a local attacker to read an arbitrary memory location, potentially impacting availability and confidentiality. AMD PSIRT metrics indicate CVSSv4.0 base score 5.8 ...

EUVD-2025-209867

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability...

CVE-2025-0028

The AMD PMF (Platform Management Framework) vulnerability CVE-2025-0028 stems from an unchecked return value in the PMF that could enable a local attacker to read or modify an arbitrary address, risking confidentiality, integrity, and availability. The issue is tied to the AMD chipset driver/PMF ...

CVE-2025-29936

Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...

CVE-2025-29936

CVE-2025-29936 involves the AMD Platform Management Framework (PMF) Driver. Description: improper input validation could allow a local attacker to un-map arbitrary memory pages, potentially impacting integrity and availability, or facilitate privilege escalation with loss of confidentiality. The ...

CVE-2025-48513

CVE-2025-48513 concerns the AMD Platform Management Framework (PMF). The issue is a use of an uninitialized resource that could allow a local attacker to read an uninitialized kernel memory, potentially affecting confidentiality and availability. CVSS 4.0 base metrics indicate a LOW-privilege, LO...

CVE-2025-48513

Use of uninitialized resource within the AMD Platform Management Framework PMF could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability...