CVSS Vector (NVD)
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (NVD)
A buffer overflow vulnerability within AMD Sensor Fusion Hub Driver can allow a local attacker to write out of bounds, potentially resulting in denial of service or crash.
Analysis (AI)
Buffer overflow in AMD Sensor Fusion Hub Driver allows local authenticated attackers to write out of bounds, causing denial of service or system crash. The vulnerability affects multiple Ryzen processor families (4000, 5000, 7000, 7020, 7030, 7035, 7040 series and Ryzen AI 300 series) with Radeon integrated graphics across Windows mobile and desktop platforms. No active exploitation has been confirmed at time of analysis.
Technical Context (AI)
AMD Sensor Fusion Hub is a driver component that manages sensor data and fusion operations on AMD Ryzen processors with Radeon Graphics. The vulnerability is a classic buffer overflow (CWE-120: Buffer Copy without Checking Size of Input), occurring when the driver writes sensor data or control information to a buffer without proper bounds checking. This affects the kernel-mode driver responsible for coordinating sensor hardware with the processor's integrated graphics and power management subsystems. The vulnerability requires local system access and authenticated privileges to trigger, limiting exposure to users with local login capability or processes running with elevated permissions.
Remediation (AI)
Update AMD Sensor Fusion Hub Driver to the patched version released by AMD. Consult AMD Security Bulletin AMD-SB-4015 at https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4015.html for exact patch version numbers and driver download links specific to your processor model and operating system. The patch is typically deployed via Windows Update on affected systems or through direct driver download from AMD's support portal. If immediate patching is not possible, restrict local system access to trusted users only and disable unnecessary local user accounts. Monitor for unauthorized local access attempts and consider disabling sensor fusion features if they are not required for critical operations, though this may impact power management and thermal optimization features.
EUVD-2025-209871
GHSA-4f5c-wcxh-wgv3