AMD Embedded Vulnerabilities – August 2025

Summary Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization PI firmware packages...

Spectre-Branch Status Eviction (BSE) Vulnerability on ARM® Processors

AMD ID: AMD-SB-8007 Potential Impact: N/A Severity: N/A Summary According to the ARM® security team, Spectre-BSE exploits a microarchitectural mechanism that equips an adversary with a weak form of control over the victim’s branch history despite existing protections. This can lead to exploitativ...

AMD Graphics Driver for Linux®

AMD ID: AMD-SB-6021 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Researchers have reported potential vulnerabilities affecting AMD Graphics Driver for Linux®...

Efficient Instruction Cache Attacks via Self-Modifying Code Conflicts

Bulletin ID: AMD-SB-7024 Potential Impact: N/A Severity: N/A Summary AMD is aware of a paper titled ‘SMaCK: Efficient Instruction Cache Attacks via Self-Modifying Code Conflicts,’ published by researchers from Iowa State University and Google®. The research paper attempts to extend data-cache-sid...

AMD RESPONSE TO “I see dead µops: leaking secrets via Intel/AMD micro-op caches” RESEARCH PAPER

Bulletin ID: AMD-SB-1006 Summary AMD has reviewed the research paper and believes existing mitigations were not being bypassed and no new mitigations are required. AMD recommends its existing side-channel mitigation guidance and standard secure coding practices be followed. CVE Details None...

AMD GPU Timing-Based Side Channels

Revisions Revision Date| Description ---|--- 2026-02-10| Initial publication...

TPM Reference Implementation

CVE Details assigned by the TCG Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2025-2884| 6.6 Medium CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H| An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a read past the end of a...

AMD Graphics Driver Vulnerabilities – February 2025

AMD ID: AMD-SB-6008 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary AMD received reports of vulnerabilities potentially affecting some AMD Graphics products. Refer to the CVE Details section for information about each CVE...

AMD Ryzen™ Master Utility DLL Hijacking Vulnerability

AMD ID: AMD-SB-9010 Potential Impact: Arbitrary Code Execution Severity: High Summary A researcher reported a DLL hijacking vulnerability within the AMD Ryzen™ Master Utility. AMD Ryzen™ Master Utility is a tool designed to unlock and customize the performance of AMD Ryzen™ processors. It can...

Microarchitectural Cache Side-Channel Attacks

Bulletin ID: AMD-SB-7025 Potential Impact: N/A Severity: N/A Summary Researchers from Azure® Research, Microsoft® have provided to AMD a paper titled “Principled Microarchitectural Isolation on Cloud CPUs.” In their paper, the researchers describe a potential side-channel vulnerability on AMD CPU...

IOLeak - CPU Side Channel Attacks

AMD ID: AMD-SB-7042 Potential Impact: N/A Severity: N/A Summary Researchers have provided AMD with a summary of relevant remarks and findings detailed in a paper titled “IOLeak Side-Channel Attack Exploiting CPU Frequency Scaling and I/O Latency.” AMD reviewed the summary and believes this attack...

Branch History Leak

AMD ID: AMD-SB-7026 Potential Impact: N/A Severity: N/A Summary Researchers from The Harbin Institute of Technology have shared with AMD a paper titled “Branch History LeakeR: Leveraging Branch History to Construct a New Side Channel-Theory and Practice” that demonstrates a side channel attack...

AMD uProf Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0466| Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

Quality-of-Service Feature Side Channels

Revisions Revision Date| Description ---|--- 2026-05-12| Initial publication...

AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – May 2026

CVE Details Refer to Glossary for explanation of terms CVE ID| CVE Description| CVSS Vector ---|---|--- CVE-2025-61972| Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in...

AMD Chipset Driver Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-0028| An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address, potentially resulting in loss of...

SNPeek: Side-Channel Analysis for Privacy Applications on Confidential VMs

Revisions Revision Date| Description ---|--- 2026-02-23| Initial publication...

Control Flow Reconstruction using HPCs

Affected Products and Mitigation Performance counters are not protected by Secure Encrypted Virtualization SEV, SEV-ES, or SEV-SNP. AMD has defined support for performance counter virtualization in APM Vol 2, section 15.39. Performance Monitoring Counters PMC virtualization, available on AMD...

Incorrect Secure Flag Usage in Versal™ Adaptive SoC Arm® Trusted Firmware

Summary The Secure Flag passed to Versal™ Adaptive SoC’s Arm Trusted Firmware for Cortex®-A processors TF-A for Arm’s Power State Coordination Interface PSCI commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appea...

Compromising Trusted Execution Environments through DDR5 Memory Bus Interposition

Summary Researchers successfully executed a physical bus interposition attack targeting server-grade DDR5 memory, compromising the confidentiality of encrypted data during runtime. AMD does not plan to provide mitigations since physical vector attacks are out of scope for AMD SEV-SNP. as detailed...

AMD Optimizing CPU Libraries (AOCL) Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2024-21960| 7.3highCVSS3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H| Incorrect default permissions in the AMD Optimizing CPU Libraries AOCL installation directory could allow an attacker to achieve...

AMD GPU Security Vulnerabilities

AMD ID: AMD-SB-6016 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential security vulnerabilities in the Satellite Management Controller SMC in AMD Instinct™ MI300X accelerators were discovered during internal audit/penetration...

AMD SMM Vulnerabilities

AMD ID: AMD-SB-7027 Potential Impact: Arbitrary Code Execution Severity: High Summary Quarkslab reported vulnerabilities that could allow attackers to execute code within SMM System Management Mode. CVE-2024-21925 is the result of a lack of sufficient input buffers validation within the...

AMD Management Console Incorrect Default Permissions Vulnerability

Bulletin ID: AMD-SB-9003 Potential Impact: Incorrect Default Permissions Leading to Arbitrary Execution Severity: High Summary A researcher reported an incorrect default permissions vulnerability within AMD Management Console Software. AMD Management Console AMC is a GUI-based manageability...

Potential Vulnerabilities When Deviating From ARM® AXI Standard Protocol

Revisions Revision Date| Description ---|--- 2025-04-21| Added new researcher paper from same research team 2024-10-30| Initial publication DISCLAIMER The information contained herein is for informational purposes only and is subject to change without notice. While every precaution has been taken...

AMD Device Metrics Exporter (ROCm ecosystem) Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0481| Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially...

CPU OP Cache Corruption

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54518| Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level...

AMD RAID Driver Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2024-21962| Improper input validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location, potentially resulting in privilege escalation and arbitrary code...

SEV-SNP Guest Stack Pointer Corruption Vulnerability

Summary Researchers have reported a CPU-caused stack corruption issue caused by flipping an undocumented MSR bit. AMD believes that this vulnerability occurs due to inadequate access controls, which fail to prevent the hypervisor from setting an internal configuration bit. This attack could allow...

Stale Translation Lookaside Buffer (TLB) Entry Vulnerability

Summary An internally reported microcode bug in some EPYC™ AMD CPUs could allow a local admin-privileged attacker to run SEV-SNP Secure Encrypted Virtualization - Secure Nested Paging guests using stale TLB entries. This bug could allow SNP active vCPUs to reuse TLB entries from other virtual...

AMD Ryzen™ AI Software Vulnerabilities

AMD ID: AMD-SB-7037 Potential Impact: Refer to the CVE Details section Severity: High Summary AMD Bug Bounty researchers reported four vulnerabilities in AMD Ryzen™ AI Software...

PAGE PREFETCHER ATTACK

AMD ID: AMD-SB-7040 Potential Impact: N/A Severity: N/A Summary Researchers have disclosed to AMD a potential exploit, the page prefetcher attack PPA, a prefetcher-based side-channel attack. AMD has evaluated the paper and does not believe there are any new security implications...

CROSS-PROCESS GPU MEMORY DISCLOSURE

AMD ID: AMD-SB-6019 Potential Impact: Loss of Confidentiality Severity: Medium Summary A vulnerability in the Linux® drivers for AMD GPUs could allow cross-process disclosure of GPU global memory...

AMD SMM Callout Vulnerability

AMD ID: AMD-SB-7028 Potential Impact: Arbitrary Code Execution Severity: High Summary AMD SMM callout vulnerability in the AmdPlatformRasSspSmm driver supported on multiple processors. Eclypsium reported an SMM callout vulnerability within the AmdPlatformRasSspSmm UEFI module, which is supported ...

AIM-T Manageability Service Vulnerabilities

AMD ID: AMD-SB-9012 Potential Impact: Arbitrary Code Execution Severity: High Summary A researcher reported incorrect default permissions and Dynamic Link Library DLL hijacking vulnerabilities within AMD Integrated Management Technology AIM-T. AIM-T is designed to enable AMD Desktop and mobile...

Out of Bounds Read in Arm® Trusted Firmware

Bulletin ID: AMD-SB-8003 Potential Impact: Information Integrity Severity: Refer to the Summary section for details Summary Improper input validation in ARM® Trusted Firmware used in AMD ZynqTM UltraScale+TM MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads potentially...

ASP non-Coherent Memory Access

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54509| Improper access control for register interface in the input-output memory management unit IOMMU could allow a privileged attacker to cause non-coherent accesses by the AMD Secure...

AMD Device Management Portal Key Download

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62619| Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to...

PCIe Specification Issues

Summary PCIe SIG in industry coordination with CERT CC is releasing details on three PCIe specification issues...

AMD Xilinx Run Time (XRT) Vulnerabilities

Summary The researchers reported vulnerabilities within AMD Xilinx Run Time XRT drivers, particularly in user space XRT driver XOCL. These drivers are delivered as part of the AMD XRT framework. Please refer to the CVE Details section for further information on each of these vulnerabilities...

AMD Server Vulnerabilities – August 2025

Summary Potential vulnerabilities in AMD EPYC™ Processor platforms that affect IOMMU, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP and other platform components, were found during audits performed internally and by third parties. Mitigations have been provided in AMD EPYC™...

Spectre-v2 Domain Isolation

AMD ID: AMD-SB-7034 Potential Impact: N/A Severity: N/A Summary Researchers from VU Amsterdam have shared with AMD a paper exploring the effectiveness of domain isolation against Spectre-v2 type attacks. AMD believes the techniques described by the researchers are not applicable to AMD products...

AMD uProf Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVSS Severity| CVE Description ---|---|--- CVE-2024-36340| 6.6 MediumCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N| A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points,...

AMD Client Processor Vulnerabilities – February 2025

AMD ID: AMD-SB-4008 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Secure Processor ASP, and other platform components were reported. Mitigations are being provided in Platform Initialization PI...

Unsafe OpenSSL Initialization Vulnerability Within AMD Manageability Software

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62628| Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution....

MilanLaunchy Firmware Loader

References CVE-2021-26315: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1021.html CVE-2024-21944: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3015.html CVE-2024-21981: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html &...

AMD Graphics Vulnerabilities – May 2026

CVE Details Refer to Glossary for explanation of terms CVE ID| CVE Description| CVSS Vector ---|---|--- CVE-2024-36323| Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine VM or a process to perform unauthorized access to the register space of the JPEG...

InstallShield Privilege Escalation

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description ---|--- CVE-2024-14012 Issued by Revenera| https://vulners.com/cve/CVE-2024-14012...

AMD Athlon™ and AMD Ryzen™ Processor Vulnerabilities – February 2026

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score| CVSS Attack Vector ---|---|---|--- CVE-2025-52533| Improper access control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data...

AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – February 2026

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score| CVSS Vector ---|---|---|--- CVE-2025-52533| Improper access control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality ...