Vendor CVEs
AMD
All CVEs
355 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21935 | Med | 0.33 | 5.0 | 0.00 | Sep 23, 2025 | Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially resulting in data corruption. | ||
| CVE-2024-21927 | Med | 0.33 | 5.0 | 0.00 | Sep 23, 2025 | Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service. | ||
| CVE-2023-20508 | Med | 0.33 | 5.0 | 0.00 | Feb 12, 2025 | Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability. | ||
| CVE-2023-31310 | Med | 0.33 | 5.0 | 0.00 | Aug 13, 2024 | Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set temperature input selection" command, potentially resulting in a loss of integrity and/or availability. | ||
| CVE-2025-29949 | Med | 0.31 | — | 0.00 | Feb 10, 2026 | Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service. | ||
| CVE-2025-0034 | Med | 0.31 | 4.7 | 0.00 | Sep 6, 2025 | Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service. | ||
| CVE-2023-31339 | Med | 0.31 | 4.8 | 0.00 | Aug 13, 2024 | Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service. | ||
| CVE-2022-27672 | Med | 0.31 | 4.7 | 0.00 | Mar 1, 2023 | When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. | ||
| CVE-2025-66664 | Med | 0.30 | — | 0.00 | May 15, 2026 | Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception | ||
| CVE-2024-36345 | Med | 0.30 | — | 0.00 | May 15, 2026 | Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality. | ||
| CVE-2023-20601 | Med | 0.30 | — | 0.00 | Feb 12, 2026 | Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition. | ||
| CVE-2025-48517 | Med | 0.30 | — | 0.00 | Feb 10, 2026 | Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality. | ||
| CVE-2025-0031 | Med | 0.30 | — | 0.00 | Feb 10, 2026 | A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity. | ||
| CVE-2025-29943 | Med | 0.30 | — | 0.00 | Jan 16, 2026 | Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest. | ||
| CVE-2025-29946 | Med | 0.29 | — | 0.00 | Feb 10, 2026 | Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory. | ||
| CVE-2023-31356 | Med | 0.29 | 4.4 | 0.00 | Aug 13, 2024 | Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity. | ||
| CVE-2021-26377 | Med | 0.27 | 4.1 | 0.00 | Sep 6, 2025 | Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service. | ||
| CVE-2025-54509 | Med | 0.26 | — | 0.00 | Jun 9, 2026 | Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity. | ||
| CVE-2025-48514 | Med | 0.26 | — | 0.00 | Feb 10, 2026 | Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality. | ||
| CVE-2021-46772 | Low | 0.25 | 3.9 | 0.00 | Aug 13, 2024 | Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service. | ||
| CVE-2021-26387 | Low | 0.25 | 3.9 | 0.00 | Aug 13, 2024 | Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity. | ||
| CVE-2025-0011 | Low | 0.21 | 3.3 | 0.00 | Sep 6, 2025 | Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality. | ||
| CVE-2025-0036 | Low | 0.21 | 3.2 | 0.00 | Jun 10, 2025 | In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data. | ||
| CVE-2023-20513 | Low | 0.21 | 3.3 | 0.00 | Aug 13, 2024 | An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service. | ||
| CVE-2023-31331 | Low | 0.20 | 3.0 | 0.00 | Feb 11, 2025 | Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability. | ||
| CVE-2025-54505 | Low | 0.13 | — | 0.00 | Apr 27, 2026 | A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality. | ||
| CVE-2024-2502 | Low | 0.13 | 2.0 | 0.00 | Aug 29, 2024 | An application can be configured to block boot attempts after consecutive tamper resets are detected, which may not occur as expected. This is possible because the TAMPERRSTCAUSE register may not be properly updated when a level 4 tamper event (a tamper reset) occurs. This… | ||
| CVE-2025-66660 | Low | 0.12 | — | 0.00 | May 15, 2026 | Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior. | ||
| CVE-2025-0029 | Low | 0.12 | — | 0.00 | Feb 10, 2026 | Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity | ||
| CVE-2023-31305 | Low | 0.12 | 1.9 | 0.00 | Aug 13, 2024 | Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure. | ||
| CVE-2023-20518 | Low | 0.12 | 1.9 | 0.00 | Aug 13, 2024 | Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality. | ||
| CVE-2005-2127 | 0.08 | — | 0.64 | Aug 19, 2005 | Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet… | |||
| CVE-2025-54515 | Low | 0.07 | — | 0.00 | Nov 23, 2025 | The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the… | ||
| CVE-2019-1125 | 0.05 | — | 0.05 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would… | |||
| CVE-2023-6538 | 0.03 | — | 0.02 | Dec 11, 2023 | SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to… | |||
| CVE-1999-1442 | 0.03 | — | 0.01 | Jun 22, 1998 | Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments. | |||
| CVE-2023-20562 | 0.01 | — | 0.01 | Aug 8, 2023 | Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. | |||
| CVE-2023-20593 | 0.01 | — | 0.06 | Jul 24, 2023 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | |||
| CVE-2026-45853 | 0.00 | — | 0.00 | May 27, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() amdgpu_discovery_get_nps_info() internally allocates memory for ranges using kvcalloc(), which may use vmalloc() for large allocation.… | |||
| CVE-2023-20548 | 0.00 | — | 0.00 | Feb 11, 2026 | A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability. | |||
| CVE-2023-31324 | 0.00 | — | 0.00 | Feb 11, 2026 | A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or… | |||
| CVE-2025-71195 | 0.00 | — | 0.00 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap max_register The max_register field is assigned the size of the register memory region instead of the offset of the last register. The result is that reading from the regmap… | |||
| CVE-2025-68793 | 0.00 | — | 0.00 | Jan 13, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job->pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls… | |||
| CVE-2025-68313 | 0.00 | — | 0.00 | Dec 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly… | |||
| CVE-2025-29933 | 0.00 | — | 0.00 | Nov 24, 2025 | Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service | |||
| CVE-2025-48511 | 0.00 | — | 0.00 | Nov 24, 2025 | Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service. | |||
| CVE-2025-48510 | 0.00 | — | 0.00 | Nov 24, 2025 | Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability. | |||
| CVE-2025-48502 | 0.00 | — | 0.00 | Nov 21, 2025 | Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service. | |||
| CVE-2025-38583 | 0.00 | — | 0.00 | Aug 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pll_post only if registered correctly If registration of pll_post is failed, it will be set to NULL or ERR, unregistering same will fail with following call trace: Unable to… | |||
| CVE-2023-31359 | 0.00 | — | 0.00 | May 13, 2025 | Incorrect default permissions in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. |
- risk 0.33cvss 5.0epss 0.00
Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially resulting in data corruption.
- risk 0.33cvss 5.0epss 0.00
Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to crash and reset, potentially resulting in denial of service.
- risk 0.33cvss 5.0epss 0.00
Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability.
- risk 0.33cvss 5.0epss 0.00
Improper input validation in Power Management Firmware (PMFW) may allow an attacker with privileges to send a malformed input for the "set temperature input selection" command, potentially resulting in a loss of integrity and/or availability.
- risk 0.31cvss —epss 0.00
Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.
- risk 0.31cvss 4.7epss 0.00
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service.
- risk 0.31cvss 4.8epss 0.00
Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.
- risk 0.31cvss 4.7epss 0.00
When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.
- risk 0.30cvss —epss 0.00
Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception
- risk 0.30cvss —epss 0.00
Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of confidentiality.
- risk 0.30cvss —epss 0.00
Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.
- risk 0.30cvss —epss 0.00
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality.
- risk 0.30cvss —epss 0.00
A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity.
- risk 0.30cvss —epss 0.00
Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest.
- risk 0.29cvss —epss 0.00
Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory.
- risk 0.29cvss 4.4epss 0.00
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.
- risk 0.27cvss 4.1epss 0.00
Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.
- risk 0.26cvss —epss 0.00
Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.
- risk 0.26cvss —epss 0.00
Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.
- risk 0.25cvss 3.9epss 0.00
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.
- risk 0.25cvss 3.9epss 0.00
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
- risk 0.21cvss 3.3epss 0.00
Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality.
- risk 0.21cvss 3.2epss 0.00
In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data.
- risk 0.21cvss 3.3epss 0.00
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service.
- risk 0.20cvss 3.0epss 0.00
Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability.
- risk 0.13cvss —epss 0.00
A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality.
- risk 0.13cvss 2.0epss 0.00
An application can be configured to block boot attempts after consecutive tamper resets are detected, which may not occur as expected. This is possible because the TAMPERRSTCAUSE register may not be properly updated when a level 4 tamper event (a tamper reset) occurs. This…
- risk 0.12cvss —epss 0.00
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior.
- risk 0.12cvss —epss 0.00
Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity
- risk 0.12cvss 1.9epss 0.00
Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure.
- risk 0.12cvss 1.9epss 0.00
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality.
- CVE-2005-2127Aug 19, 2005risk 0.08cvss —epss 0.64
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet…
- risk 0.07cvss —epss 0.00
The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the…
- CVE-2019-1125Sep 3, 2019risk 0.05cvss —epss 0.05
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would…
- CVE-2023-6538Dec 11, 2023risk 0.03cvss —epss 0.02
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to…
- CVE-1999-1442Jun 22, 1998risk 0.03cvss —epss 0.01
Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.
- CVE-2023-20562Aug 8, 2023risk 0.01cvss —epss 0.01
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.
- CVE-2023-20593Jul 24, 2023risk 0.01cvss —epss 0.06
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
- CVE-2026-45853May 27, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() amdgpu_discovery_get_nps_info() internally allocates memory for ranges using kvcalloc(), which may use vmalloc() for large allocation.…
- CVE-2023-20548Feb 11, 2026risk 0.00cvss —epss 0.00
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability.
- CVE-2023-31324Feb 11, 2026risk 0.00cvss —epss 0.00
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or…
- CVE-2025-71195Feb 4, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap max_register The max_register field is assigned the size of the register memory region instead of the offset of the last register. The result is that reading from the regmap…
- CVE-2025-68793Jan 13, 2026risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job->pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls…
- CVE-2025-68313Dec 16, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly…
- CVE-2025-29933Nov 24, 2025risk 0.00cvss —epss 0.00
Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service
- CVE-2025-48511Nov 24, 2025risk 0.00cvss —epss 0.00
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service.
- CVE-2025-48510Nov 24, 2025risk 0.00cvss —epss 0.00
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability.
- CVE-2025-48502Nov 21, 2025risk 0.00cvss —epss 0.00
Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service.
- CVE-2025-38583Aug 19, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pll_post only if registered correctly If registration of pll_post is failed, it will be set to NULL or ERR, unregistering same will fail with following call trace: Unable to…
- CVE-2023-31359May 13, 2025risk 0.00cvss —epss 0.00
Incorrect default permissions in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
Page 3 of 8