182 matches found
Microarchitectural Cache Side-Channel Attacks
Bulletin ID: AMD-SB-7025 Potential Impact: N/A Severity: N/A Summary Researchers from Azure® Research, Microsoft® have provided to AMD a paper titled “Principled Microarchitectural Isolation on Cloud CPUs.” In their paper, the researchers describe a potential side-channel vulnerability on AMD CPU...
Efficient Instruction Cache Attacks via Self-Modifying Code Conflicts
Bulletin ID: AMD-SB-7024 Potential Impact: N/A Severity: N/A Summary AMD is aware of a paper titled ‘SMaCK: Efficient Instruction Cache Attacks via Self-Modifying Code Conflicts,’ published by researchers from Iowa State University and Google®. The research paper attempts to extend data-cache-sid...
TPM Reference Implementation
CVE Details assigned by the TCG Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2025-2884| 6.6 Medium CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H| An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a read past the end of a...
AMD Management Console Incorrect Default Permissions Vulnerability
Bulletin ID: AMD-SB-9003 Potential Impact: Incorrect Default Permissions Leading to Arbitrary Execution Severity: High Summary A researcher reported an incorrect default permissions vulnerability within AMD Management Console Software. AMD Management Console AMC is a GUI-based manageability...
Incorrect Secure Flag Usage in Versal™ Adaptive SoC Arm® Trusted Firmware
Summary The Secure Flag passed to Versal™ Adaptive SoC’s Arm Trusted Firmware for Cortex®-A processors TF-A for Arm’s Power State Coordination Interface PSCI commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appea...
PAGE PREFETCHER ATTACK
AMD ID: AMD-SB-7040 Potential Impact: N/A Severity: N/A Summary Researchers have disclosed to AMD a potential exploit, the page prefetcher attack PPA, a prefetcher-based side-channel attack. AMD has evaluated the paper and does not believe there are any new security implications...
CROSS-PROCESS GPU MEMORY DISCLOSURE
AMD ID: AMD-SB-6019 Potential Impact: Loss of Confidentiality Severity: Medium Summary A vulnerability in the Linux® drivers for AMD GPUs could allow cross-process disclosure of GPU global memory...
AMD GPU Security Vulnerabilities
AMD ID: AMD-SB-6016 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential security vulnerabilities in the Satellite Management Controller SMC in AMD Instinct™ MI300X accelerators were discovered during internal audit/penetration...
AMD SMM Vulnerabilities
AMD ID: AMD-SB-7027 Potential Impact: Arbitrary Code Execution Severity: High Summary Quarkslab reported vulnerabilities that could allow attackers to execute code within SMM System Management Mode. CVE-2024-21925 is the result of a lack of sufficient input buffers validation within the...
AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – May 2026
CVE Details Refer to Glossary for explanation of terms CVE ID| CVE Description| CVSS Vector ---|---|--- CVE-2025-61972| Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in...
CPU OP Cache Corruption
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54518| Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level...
SNPeek: Side-Channel Analysis for Privacy Applications on Confidential VMs
Revisions Revision Date| Description ---|--- 2026-02-23| Initial publication...
PCIe Specification Issues
Summary PCIe SIG in industry coordination with CERT CC is releasing details on three PCIe specification issues...
Stale Translation Lookaside Buffer (TLB) Entry Vulnerability
Summary An internally reported microcode bug in some EPYC™ AMD CPUs could allow a local admin-privileged attacker to run SEV-SNP Secure Encrypted Virtualization - Secure Nested Paging guests using stale TLB entries. This bug could allow SNP active vCPUs to reuse TLB entries from other virtual...
Missing Use of the Secure Flag in Zynq™ UltraScale+™ SoC Trusted Firmware
Summary A researcher reported that the security state of the calling processor into Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability turn on and off subsystems within the SoC...
SEV Ciphertext Side Channel Attacks
Summary AMD has received reports from two research groups detailing methods by which a malicious hypervisor could potentially execute a side channel attack against a running secure encrypted virtualization – secure nested paging SEV-SNP guest. The first report, titled “Relocate + Vote: Exploiting...
Physical Attacks Leading to Bypass of ASP Boot ROM Secure Boot
Summary Researchers shared a report titled “Code Execution on Zen 4 PSP using Voltage Fault Injection.” In the paper, the researchers reported their findings on Voltage Fault Injection VFI attacks targeting AMD “Zen 4” CPUs, specifically the Ryzen™ 8600G model. The researchers claim these types o...
IOLeak - CPU Side Channel Attacks
AMD ID: AMD-SB-7042 Potential Impact: N/A Severity: N/A Summary Researchers have provided AMD with a summary of relevant remarks and findings detailed in a paper titled “IOLeak Side-Channel Attack Exploiting CPU Frequency Scaling and I/O Latency.” AMD reviewed the summary and believes this attack...
AMD Optimizing CPU Libraries (AOCL) Vulnerabilities
CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2024-21960| 7.3highCVSS3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H| Incorrect default permissions in the AMD Optimizing CPU Libraries AOCL installation directory could allow an attacker to achieve...
AMD Ryzen™ AI Software Vulnerabilities
AMD ID: AMD-SB-7037 Potential Impact: Refer to the CVE Details section Severity: High Summary AMD Bug Bounty researchers reported four vulnerabilities in AMD Ryzen™ AI Software...
Branch History Leak
AMD ID: AMD-SB-7026 Potential Impact: N/A Severity: N/A Summary Researchers from The Harbin Institute of Technology have shared with AMD a paper titled “Branch History LeakeR: Leveraging Branch History to Construct a New Side Channel-Theory and Practice” that demonstrates a side channel attack...
AMD Client Processor Vulnerabilities – February 2025
AMD ID: AMD-SB-4008 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Secure Processor ASP, and other platform components were reported. Mitigations are being provided in Platform Initialization PI...
AMD SMM Callout Vulnerability
AMD ID: AMD-SB-7028 Potential Impact: Arbitrary Code Execution Severity: High Summary AMD SMM callout vulnerability in the AmdPlatformRasSspSmm driver supported on multiple processors. Eclypsium reported an SMM callout vulnerability within the AmdPlatformRasSspSmm UEFI module, which is supported ...
Potential Vulnerabilities When Deviating From ARM® AXI Standard Protocol
Revisions Revision Date| Description ---|--- 2025-04-21| Added new researcher paper from same research team 2024-10-30| Initial publication DISCLAIMER The information contained herein is for informational purposes only and is subject to change without notice. While every precaution has been taken...
Performance Counter Side Channel
Bulletin ID: AMD-SB-3013 Potential Impact: N/A Severity: N/A Summary Researchers from Graz University of Technology, Austria, have reported a way for a malicious hypervisor to monitor performance counters and potentially recover data from a guest VM...
AMD Server Software and Embedded Chipset Driver Vulnerabilities Identified in Windows® Environments
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0432| Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.|...
Unsafe OpenSSL Initialization Vulnerability Within AMD Manageability Software
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62628| Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution....
AMD RAID Driver Vulnerability
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2024-21962| Improper input validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location, potentially resulting in privilege escalation and arbitrary code...
AMD Device Management Portal Key Download
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62619| Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to...
AMD Device Metrics Exporter (ROCm ecosystem) Vulnerability
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0481| Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially...
AMD GPU Timing-Based Side Channels
Revisions Revision Date| Description ---|--- 2026-02-10| Initial publication...
Spectre-v2 Domain Isolation
AMD ID: AMD-SB-7034 Potential Impact: N/A Severity: N/A Summary Researchers from VU Amsterdam have shared with AMD a paper exploring the effectiveness of domain isolation against Spectre-v2 type attacks. AMD believes the techniques described by the researchers are not applicable to AMD products...
AMD uProf Vulnerability
CVE Details Refer to Glossary for explanation of terms CVE| CVSS Severity| CVE Description ---|---|--- CVE-2024-36340| 6.6 MediumCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N| A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points,...
AMD Chipset Driver Vulnerabilities
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-0028| An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address, potentially resulting in loss of...
InstallShield Privilege Escalation
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description ---|--- CVE-2024-14012 Issued by Revenera| https://vulners.com/cve/CVE-2024-14012...
Quality-of-Service Feature Side Channels
Revisions Revision Date| Description ---|--- 2026-05-12| Initial publication...
Control Flow Reconstruction using HPCs
Affected Products and Mitigation Performance counters are not protected by Secure Encrypted Virtualization SEV, SEV-ES, or SEV-SNP. AMD has defined support for performance counter virtualization in APM Vol 2, section 15.39. Performance Monitoring Counters PMC virtualization, available on AMD...
AMD Athlon™ and AMD Ryzen™ Processor Vulnerabilities – February 2026
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score| CVSS Attack Vector ---|---|---|--- CVE-2025-52533| Improper access control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data...
Memory Re-orderings as a Timerless Side-channel
Summary Researchers have provided AMD with a paper titled “MEMORY DISORDER: Memory Re-orderings as a Timerless Side-channel” In this work, the authors introduced MEMORY DISORDER, a timerless side-channel attack that exploits memory re-orderings to infer activity on other processes. They showed th...
Phoenix: Rowhammer Attacks on DDR5 Memory
Mitigation AMD released updated Platform Initialization PI packages to the Original Equipment Manufacturers OEM for AMD Ryzen™ Series processors. These updates allow customers to enable Mixed Refresh Mode, which is an existing DRAM workaround to rowhammer-style attacks. Please contact your OEM fo...
Versal™ Adaptive SoC – Improper Configuration of the Secure Stream Switch during Post-Boot Cryptographic Operations
AMD ID: AMD-SB-8011 Potential Impact: N/A Severity: N/A Summary In Versal™ Adaptive SoC devices, the Platform Loader and Manager PLM implements runtime post-boot software services that allows a remote processor to command the PLM to execute cryptographic operations – including AES, SHA3, RSA, ECD...
AIM-T Manageability Service Vulnerabilities
AMD ID: AMD-SB-9012 Potential Impact: Arbitrary Code Execution Severity: High Summary A researcher reported incorrect default permissions and Dynamic Link Library DLL hijacking vulnerabilities within AMD Integrated Management Technology AIM-T. AIM-T is designed to enable AMD Desktop and mobile...
Last-Level Cache Attack
AMD ID: AMD-SB-7032 Potential Impact: N/A Severity: N/A Summary Researchers from Wuhan University have provided AMD with a paper titled “ZenLeak: Practical Last-Level Cache Side-Channel Attacks on AMD Zen Processors” in which they discuss prime and probe attacks targeting the Last-Level Cache LLC...
Out of Bounds Read in Arm® Trusted Firmware
Bulletin ID: AMD-SB-8003 Potential Impact: Information Integrity Severity: Refer to the Summary section for details Summary Improper input validation in ARM® Trusted Firmware used in AMD ZynqTM UltraScale+TM MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads potentially...
Ionic Driver Vulnerabilities
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62623| A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.| 8....
AMD µProf Vulnerability
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-61969| Incorrect permission assignment in AMD µProf performance analysis tool-suite may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in...
AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – February 2026
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score| CVSS Vector ---|---|---|--- CVE-2025-52533| Improper access control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality ...
Optical Probing of Readback CRC Bus
Revisions Revision Date| Description ---|--- 2026-02-10| Initial publication...
AMD μProf Vulnerabilities
Summary A bug bounty researcher reported multiple vulnerabilities within the AMD μProf tool. In these reports, the researcher notes that the AMD μProf vulnerability has multiple improper input validation vulnerabilities and an improper return value vulnerability, which could potentially result in...
AMD Xilinx Run Time (XRT) Vulnerabilities
Summary The researchers reported vulnerabilities within AMD Xilinx Run Time XRT drivers, particularly in user space XRT driver XOCL. These drivers are delivered as part of the AMD XRT framework. Please refer to the CVE Details section for further information on each of these vulnerabilities...