ARM® CPU Vulnerability : Bypass of Stage 1 translation, Stage-2 translation, or GPT Protection

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-10263 non-AMD| According to the ARM® security team, a broadcast Translation Lookaside Buffer Invalidate TLBI on another Processing Element PE may be completed before affected memory access...

AMD Device Management Portal Key Download

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62619| Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to...

Ionic Driver Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62623| A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.| 8....

Floating Point Value Injection (FPVI) Variant in AMD CPUs

Summary Researchers shared with AMD a report titled “TREVEX: A Black-Box Detection Framework For Data-Flow Transient Execution Vulnerabilities.” The researchers' paper introduced a Floating-Point Value Injection FPVI variant, which could allow an attacker with a deep understanding of...

Incorrect use of LocateProtocol Service of the EFI_BOOT_Services table in SMI Handler

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54502| Incorrect use of boot service in the AMD Platform Configuration Blob APCB SMM driver could allow a privileged attacker with local access Ring 0 to achieve privilege escalation...

AMD Graphics Driver Vulnerabilities – February 2026

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description | CVSS Score ---|---|--- CVE-2024-36324| Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.| 8.8 High...

Memory Re-orderings as a Timerless Side-channel

Summary Researchers have provided AMD with a paper titled “MEMORY DISORDER: Memory Re-orderings as a Timerless Side-channel” In this work, the authors introduced MEMORY DISORDER, a timerless side-channel attack that exploits memory re-orderings to infer activity on other processes. They showed th...

AMD μProf Vulnerabilities

Summary A bug bounty researcher reported multiple vulnerabilities within the AMD μProf tool. In these reports, the researcher notes that the AMD μProf vulnerability has multiple improper input validation vulnerabilities and an improper return value vulnerability, which could potentially result in...

AMD Client Vulnerabilities – August 2025

Summary Potential vulnerabilities in AMD Client Processor platforms that affect SMM, ASP, and other platform components, were found during audits performed internally and by third parties...

Microarchitectural Attacks on the Stack Engine

Summary Researchers from ETH Zurich have published a paper titled “One Flew over the Stack Engine’s Nest: Practical Microarchitectural Attacks on the Stack Engine.” AMD continues to recommend software developers employ existing best practices including constant time algorithm and avoid...

Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware

AMD ID: AMD-SB-8010 Potential Impact: Loss of confidentiality and Integrity Severity: Medium Summary In Versal™ Adaptive SoC devices, the Platform Loader and Manager PLM implements runtime post-boot software services that can allow a remote processor to command the PLM to execute cryptographic...

Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection

AMD ID: AMD-SB-7030 Potential Impact: N/A Severity: N/A Summary Researchers from ETH Zurich have provided AMD with a paper titled “Privilege Desynchronization: Cross-Privilege Spectre Attacks with Branch Privilege Injection.” AMD reviewed the paper and believes that this vulnerability does not...

Last-Level Cache Attack

AMD ID: AMD-SB-7032 Potential Impact: N/A Severity: N/A Summary Researchers from Wuhan University have provided AMD with a paper titled “ZenLeak: Practical Last-Level Cache Side-Channel Attacks on AMD Zen Processors” in which they discuss prime and probe attacks targeting the Last-Level Cache LLC...

AMD µProf Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-61969| Incorrect permission assignment in AMD µProf performance analysis tool-suite may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in...

Optical Probing of Readback CRC Bus

Revisions Revision Date| Description ---|--- 2026-02-10| Initial publication...

SEV-SNP Physical Memory Aliasing

Summary Researchers have reported a method for privileged attackers with physical access to a motherboard to potentially compromise confidentiality and integrity of AMD Secure Encrypted Virtualization – Secure Nesting Paging SEV-SNP guests. AMD does not plan to release any mitigations in response...

Undervoltage-based Static Side-channel Attacks (“Chypnosis”) on FPGAs

Summary This document describes a potential attack technique against FPGA devices that leverages side-channel analysis SCA techniques to physically extract register and memory content from the device. In applications following best practices for security, critical data, such as decryption keys, i...

Voltage Fault Injection on SEV Virtual Machines

Summary Researchers shared with AMD a report titled “Voltage Fault Injection on SEV-protected Virtual Machines.” The report noted a Voltage Fault Injection VFI attack targeting AMD EPYC™ 7272 CPUs running Secure Encrypted Virtualization SEV protected virtual machines VMs. Physical attacks such as...

Zynq™ UltraScale+™ SoC Overwriting Protected Memory Regions Through PMU Firmware

AMD ID: AMD-SB-8008 Potential Impact: Loss of confidentiality and Integrity Severity: Medium Summary In Zynq™ UltraScale+™ devices, the Platform Management Unit PMU Firmware is designed to implement runtime post boot software services that allow a remote processor to command the PMU to execute...

Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor

CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2023-20599| 7.9 High CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N| Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto...

Versal™ Adaptive SoC – Improper Configuration of the Secure Stream Switch during Post-Boot Cryptographic Operations

AMD ID: AMD-SB-8011 Potential Impact: N/A Severity: N/A Summary In Versal™ Adaptive SoC devices, the Platform Loader and Manager PLM implements runtime post-boot software services that allows a remote processor to command the PLM to execute cryptographic operations – including AES, SHA3, RSA, ECD...

AMD Auto Updater Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-40677| The use of insecure HTTP transport within AMD optional tools could allow an attacker to conduct a man-in-the-middle attack, potentially leading to arbitrary code execution.| 7.7...

Floating Point Divider State Sampling on AMD CPUs

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54505| A transient execution vulnerability within AMD CPUs may allow a local, user-privileged attacker to leak data via the floating-point divisor unit, potentially resulting in a loss of...

Prefetcher Side Channel Attack

Revisions Revision Date| Description ---|--- 2025-10-17| Initial publication...

DRAM Related Side Channel Attacks

Summary Researchers have provided AMD with a paper titled “Quo VADIS DDR5? Verifying Addressing of DRAM In Software.” In this paper, the authors present an approach to verifying DRAM addressing functions from software using the DRAM row conflict side channel. The authors claim that the presented...

Branch Predictor Isolation in KVM-QEMU

Summary Researchers claim new KVM-QEMU primitives allow exploitation of Spectre V2 resulting in information leakage in various cloud scenarios. KVM-QEMU is a combination of KVM Kernel-based Virtual Machine, a Linux kernel module that enables hardware-assisted virtualization and Quick Emulator QEM...

EDK2 SMM MCE Enablement Issue

Summary A researcher reported a bug in the open source EDK2 system management interrupt SMI entry code when an MCE occurs near the start of the SMI handler. An attacker who can inject a machine check exception MCE could cause execution to jump to an attacker-controlled interrupt handler, leading ...

AMD DASH CLI Incorrect Default Permissions Vulnerability

AMD ID: AMD-SB-9008 Potential Impact: Arbitrary Code Execution Severity: High Summary A researcher reported an incorrect default permissions vulnerability within the AMD DASH CLI Software. The AMD Desktop and mobile Architecture for System Hardware DASH Command Line Interface CLI is a command-lin...

IOMMU Write Buffer Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2023-20585| Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP...

Guest Initiated Machine Check Errors

Summary AMD received a report from the security team at Amazon Web Services AWS indicating that it may be possible for guest VMs to cause a crash of a host system. By flooding the host system with a large number of malformed System Management Interrupts SMIs, it may be possible for a guest VM to...

AMD Vivado™ Design Suite Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-52541| Uncontrolled search paths in the 2024.2 Vivado™ installation could allow a lower-level, local user to achieve privilege escalation, potentially resulting in arbitrary code execution...

GPUHammer: Rowhammer Attacks on GPU Memories are Practical

Revisions Revision Date| Description ---|--- 2025-12-03| Initial publication...

Physical Address Bit Leakage on AMD SEV-SNP Systems

Revisions Revision Date| Description ---|--- 2025-10-20| Initial publication...

Mishandling Resource Contention in AMD Processors

Revisions Revision Date| Description ---|--- 2026-04-14| Initial publication...

AMD StoreMi™ Vulnerabilities

Summary Researchers have reported potential vulnerabilities in AMD StoreMi™ technology which may allow escalation of privilege. AMD StoreMi™ technology was a tool for users looking to improve load time, boot time, file management, or system responsiveness. AMD StoreMi™ falls outside of the securi...

AMD Adrenalin Driver Embedded Chromium Browser

Affected Products and Mitigation AMD recommends users concerned about potential vulnerabilities in Chromium keep the web browser setting disabled until mitigations have been released. AMD is planning to release updates for AMD Software: Adrenalin Edition which will include a newer version of...