Compromising Trusted Execution Environments through DDR5 Memory Bus Interposition
Summary Researchers successfully executed a physical bus interposition attack targeting server-grade DDR5 memory, compromising the confidentiality of encrypted data during runtime. AMD does not plan to provide mitigations since physical vector attacks are out of scope for AMD SEV-SNP. as detailed...
SEV-SNP RMP Initialization Vulnerability
Summary Researchers from ETHz reported that a malicious hypervisor could corrupt the Reverse Map Table (RMP) during Secure Nested Paging (SNP) initialization. AMD reproduced the issue and determined it is due to a race condition that can occur while the AMD Secure Processor (ASP) is initializing the RM...
Voltage Fault Injection on SEV Virtual Machines
Summary Researchers shared with AMD a report titled “Voltage Fault Injection on SEV-protected Virtual Machines.” The report noted a Voltage Fault Injection (VFI) attack targeting AMD EPYC™ 7272 CPUs running Secure Encrypted Virtualization (SEV) protected virtual machines (VMs). Physical attacks such as...
AMD Client Vulnerabilities – August 2025
Summary Potential vulnerabilities in AMD Client Processor platforms that affect SMM, ASP, and other platform components, were found during audits performed internally and by third parties...
MilanLaunchy Firmware Loader
References CVE-2021-26315: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1021.html CVE-2024-21944: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3015.html CVE-2024-21981: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html &...
AMD Graphics Vulnerabilities – May 2026
CVE Details Refer to Glossary for explanation of terms CVE ID| CVE Description| CVSS Vector ---|---|--- CVE-2024-36323| Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine (VM) or a process to perform unauthorized access to the register space of the JPEG...
AMD Graphics Driver Vulnerabilities – February 2026
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description | CVSS Score ---|---|--- CVE-2024-36324| Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.| 8.8 High...
SEV-SNP Guest Stack Pointer Corruption Vulnerability
Summary Researchers have reported a CPU-caused stack corruption issue caused by flipping an undocumented MSR bit. AMD believes that this vulnerability occurs due to inadequate access controls, which fail to prevent the hypervisor from setting an internal configuration bit. This attack could allow...
Prefetcher Side Channel Attack
Revisions Revision Date| Description ---|--- 2025-10-17| Initial publication...
Undervoltage-based Static Side-channel Attacks (“Chypnosis”) on FPGAs
Summary This document describes a potential attack technique against FPGA devices that leverages side-channel analysis (SCA) techniques to physically extract register and memory content from the device. In applications following best practices for security, critical data, such as decryption keys, i...
Zynq™ UltraScale+™ SoC Overwriting Protected Memory Regions Through PMU Firmware
AMD ID: AMD-SB-8008 Potential Impact: Loss of confidentiality and Integrity Severity: Medium Summary In Zynq™ UltraScale+™ devices, the Platform Management Unit (PMU) Firmware is designed to implement runtime post boot software services that allow a remote processor to command the PMU to execute...
Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor
CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2023-20599| 7.9 High CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N| Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto...
Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware
AMD ID: AMD-SB-8010 Potential Impact: Loss of confidentiality and Integrity Severity: Medium Summary In Versal™ Adaptive SoC devices, the Platform Loader and Manager (PLM) implements runtime post-boot software services that can allow a remote processor to command the PLM to execute cryptographic...
Guest Initiated Machine Check Errors
Summary AMD received a report from the security team at Amazon Web Services (AWS) indicating that it may be possible for guest VMs to cause a crash of a host system. By flooding the host system with a large number of malformed System Management Interrupts (SMIs), it may be possible for a guest VM to...
GPUHammer: Rowhammer Attacks on GPU Memories are Practical
Revisions Revision Date| Description ---|--- 2025-12-03| Initial publication...
Physical Address Bit Leakage on AMD SEV-SNP Systems
Revisions Revision Date| Description ---|--- 2025-10-20| Initial publication...
SEV-SNP Physical Memory Aliasing
Summary Researchers have reported a method for privileged attackers with physical access to a motherboard to potentially compromise confidentiality and integrity of AMD Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) guests. AMD does not plan to release any mitigations in response...
DRAM Related Side Channel Attacks
Summary Researchers have provided AMD with a paper titled “Quo VADIS DDR5? Verifying Addressing of DRAM In Software.” In this paper, the authors present an approach to verifying DRAM addressing functions from software using the DRAM row conflict side channel. The authors claim that the presented...
Branch Predictor Isolation in KVM-QEMU
Summary Researchers claim new KVM-QEMU primitives allow exploitation of Spectre V2 resulting in information leakage in various cloud scenarios. KVM-QEMU is a combination of KVM (Kernel-based Virtual Machine), a Linux kernel module that enables hardware-assisted virtualization and Quick Emulator QEM...
AMD Adrenalin Driver Embedded Chromium Browser
Affected Products and Mitigation AMD recommends users concerned about potential vulnerabilities in Chromium keep the web browser setting disabled until mitigations have been released. AMD is planning to release updates for AMD Software: Adrenalin Edition which will include a newer version of...
Microarchitectural Attacks on the Stack Engine
Summary Researchers from ETH Zurich have published a paper titled “One Flew over the Stack Engine’s Nest: Practical Microarchitectural Attacks on the Stack Engine.” AMD continues to recommend software developers employ existing best practices including constant time algorithm and avoid...
EDK2 SMM MCE Enablement Issue
Summary A researcher reported a bug in the open source EDK2 system management interrupt (SMI) entry code when an MCE occurs near the start of the SMI handler. An attacker who can inject a machine check exception (MCE) could cause execution to jump to an attacker-controlled interrupt handler, leading ...
Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection
AMD ID: AMD-SB-7030 Potential Impact: N/A Severity: N/A Summary Researchers from ETH Zurich have provided AMD with a paper titled “Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection.” AMD reviewed the paper and believes that this vulnerability does not...
AMD DASH CLI Incorrect Default Permissions Vulnerability
AMD ID: AMD-SB-9008 Potential Impact: Arbitrary Code Execution Severity: High Summary A researcher reported an incorrect default permissions vulnerability within the AMD DASH CLI Software. The AMD Desktop and mobile Architecture for System Hardware (DASH) Command Line Interface (CLI) is a command-lin...
Floating Point Divider State Sampling on AMD CPUs
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54505| A transient execution vulnerability within AMD CPUs may allow a local, user-privileged attacker to leak data via the floating-point divisor unit, potentially resulting in a loss of...
Floating Point Value Injection (FPVI) Variant in AMD CPUs
Summary Researchers shared with AMD a report titled “TREVEX: A Black-Box Detection Framework For Data-Flow Transient Execution Vulnerabilities.” The researchers' paper introduced a Floating-Point Value Injection (FPVI) variant, which could allow an attacker with a deep understanding of...
IOMMU Write Buffer Vulnerability
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2023-20585| Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP...
Mishandling Resource Contention in AMD Processors
Revisions Revision Date| Description ---|--- 2026-04-14| Initial publication...
Incorrect use of LocateProtocol Service of the EFI_BOOT_Services table in SMI Handler
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54502| Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation...
AMD Vivado™ Design Suite Vulnerabilities
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-52541| Uncontrolled search paths in the 2024.2 Vivado™ installation could allow a lower-level, local user to achieve privilege escalation, potentially resulting in arbitrary code execution...
AMD StoreMi™ Vulnerabilities
Summary Researchers have reported potential vulnerabilities in AMD StoreMi™ technology which may allow escalation of privilege. AMD StoreMi™ technology was a tool for users looking to improve load time, boot time, file management, or system responsiveness. AMD StoreMi™ falls outside of the securi...
AMD Server Vulnerabilities – August 2025
Summary Potential vulnerabilities in AMD EPYC™ Processor platforms that affect IOMMU, AMD Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) and other platform components, were found during audits performed internally and by third parties. Mitigations have been provided in AMD EPYC™...