Amd
Monthly
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval() [Why & How] The aux_rd_interval array in struct dc_lttpr_caps is declared with MAX_REPEATER_CNT - 1 (7) elements, indexed 0..6. However, the offset parameter passed to dp_get_eq_aux_rd_interval() can be as large as MAX_REPEATER_CNT (8) when a sink reports 8 LTTPR repeaters via DPCD. This leads to an out-of-bounds read of aux_rd_interval[7] when offset is 8. Fix this by growing aux_rd_interval to MAX_REPEATER_CNT elements to accommodate the full range of valid repeater counts defined by the DP spec. (cherry picked from commit a55a458a8df37a65ffda5cf721d554a8f74f6b04)
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use krealloc_array() in dal_vector_reserve() [Why & How] dal_vector_reserve() computes the allocation size as "capacity * vector->struct_size" using uint32_t arithmetic, which can silently wrap to a small value on overflow. This would cause krealloc to return a smaller buffer than expected, leading to heap overflows on subsequent vector appends. Replace krealloc() with krealloc_array() which performs an internal overflow check and returns NULL on wrap, preventing the issue. (cherry picked from commit 37668568641ccc4cc1dbca4923d0a16609dd5707)
NULL pointer dereference in the Linux kernel's AMD64 AGP driver crashes systems running in virtualized environments without physical AMD northbridge hardware. Broken error propagation in `agp_amd64_probe()` - comparing `cache_nbs()` return value against exactly `-1` rather than `< 0` - masks the `-ENODEV` error code, allowing the driver to proceed with initialization, ultimately causing a General Protection Fault in `amd64_fetch_size()` when `node_to_amd_nb(0)` returns NULL. No public exploit has been identified at time of analysis, EPSS is 0.18% (7th percentile), and impact is confined to local denial of service via kernel crash; patches are confirmed available across multiple stable branches.
NULL pointer dereference in the Linux kernel's AMD RAS subsystem crashes systems with AMD GPU hardware. The function `ras_core_ras_interrupt_detected()` in `drm/amd/ras` fails to validate the `ras_core` pointer before dereferencing `ras_core->dev` in an error path, enabling a local low-privilege user to trigger a kernel panic and denial of service. No public exploit code exists and the vulnerability is not listed in CISA KEV; EPSS at 0.14% (4th percentile) confirms negligible current exploitation probability. Upstream fix commits are available in stable kernel trees.
NULL pointer dereference in the Linux kernel's drm/amd/ras subsystem allows a local low-privileged user to crash the kernel on systems with AMD GPUs. The flaw in ras_core_get_utc_second_timestamp() occurs when a NULL ras_core pointer passes a conditional check but is then dereferenced in the subsequent error-printing path, producing a kernel panic. No public exploit exists and EPSS sits at 0.15% (4th percentile), placing this firmly as a low-urgency local denial-of-service hardening issue despite the Availability:High CVSS rating.
NULL pointer dereference in the Linux kernel AMD display driver (drm/amd/display) can cause a kernel panic on systems running AMD GPUs, resulting in a complete denial of service. The flaw resides in dc_dmub_srv_log_diagnostic_data() and dc_dmub_srv_enable_dpia_trace() in dc_dmub_srv.c, where a combined NULL guard incorrectly permits DC_LOG_ERROR() - which internally dereferences dc_dmub_srv->ctx - to execute when dc_dmub_srv itself is NULL. No public exploit has been identified at time of analysis and EPSS sits at the 4th percentile, indicating very low exploitation probability in the wild.
Kernel crash in Linux DRM/AMD DCN32 display subsystem affects systems equipped with AMD RDNA3-generation GPUs running x86 non-RT kernels. The dcn32_validate_bandwidth() function locks FPU registers via DC_FP_START(), disabling local softirqs, then calls kvzalloc() for a ~335 KiB phantom-plane allocation that triggers the vmalloc path; vmalloc fires BUG_ON(in_interrupt()), crashing the kernel. No public exploit has been identified at time of analysis, and EPSS at 0.15% (5th percentile) reflects low real-world exploitation interest.
Boot-time kernel crash in Linux 6.16+ on AMD IOMMU-equipped systems causes a General Protection Fault when a PCI device whose Bus:Device.Function address is absent from the ACPI IVRS table is encountered during IOMMU initialization. The root cause is a missing bounds check in __rlookup_amd_iommu() that was latent until commit e874c666b15b changed the rlookup_table allocation from a zeroed page-order block (which returned NULL on overrun) to a tight kvcalloc(), causing adjacent slab contents to be dereferenced as a valid struct amd_iommu pointer. The result is a non-recoverable GPF at boot time, confirmed in production on Google Compute Engine ct6e VMs; no public exploit code and no CISA KEV listing exist at time of analysis.
Local privilege escalation and memory corruption in the Linux kernel DRM/GEM subsystem stems from a race condition in the GEM change_handle ioctl when it runs concurrently with gem_close, where botched two-stage idr_replace handling against the wrong idr slot allows a concurrent close to steal the object's only inherited reference. The flaw affects systems using the DRM graphics stack (notably AMD GPU paths, per source tags) and an unprivileged local user with access to a DRM render/card device can trigger a use-after-free, with the upstream resolution disabling the change_handle ioctl entirely until the locking can be proven correct. No public exploit identified at time of analysis and EPSS is low (0.17%, 7th percentile), consistent with a local-only, hard-to-win race rather than mass exploitation.
Out-of-bounds read and unbounded-iteration denial of service in the Linux kernel's AMD Display (amdgpu DC) driver arises when the bios_parser/bios_parser2 code walks VBIOS record chains that lack a proper 0xFF terminator record. A local attacker able to supply a malformed VBIOS image can force hundreds of thousands of probe-time iterations (with record_size=1) and, near the image boundary, trigger struct casts that read past the 2-byte header validated by GET_IMAGE. There is no public exploit identified at time of analysis, and the EPSS score is low (0.17%, 6th percentile), consistent with a local, firmware-dependent memory-safety bug rather than a broadly exploited remote flaw.
Out-of-bounds kernel heap write in the AMD Display (amdgpu) driver's HDMI HDCP 2.x repeater authentication path affects Linux kernels from 5.6 through the 7.1 release candidates. When reading a downstream sink's RxStatus register, the driver in mod_hdcp_read_rx_id_list() uses an attacker-influenced 10-bit message-size field (up to 1023 bytes) as the I2C read length without bounding it to the 177-byte rx_id_list buffer, so a malicious HDMI repeater can force a write past the buffer and corrupt kernel memory. There is no public exploit identified at time of analysis and EPSS is low (0.21%, 11th percentile); it is not listed in CISA KEV.
Out-of-bounds heap write in the Linux kernel amdgpu DRM display driver (drm/amd/display) arises because the VBIOS integrated info tables (v1_11 and v2_1) expose unvalidated u8 HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C settings into fixed-size arrays (9 and 3 elements). A malformed VBIOS can set these counts up to 255, overrunning the destination arrays during driver probe on AMD GPU systems. No public exploit has been identified and EPSS is very low (0.17%), but the memory-corruption primitive (CWE-787) carries high confidentiality, integrity, and availability impact per the CVSS 7.8 rating.
NULL pointer dereference and buffer over-read in the Linux kernel's AMD display driver (drm/amd/display) can be triggered by a local user writing to the sdp_message debugfs node, causing a kernel panic and denial of service. The dp_sdp_message_debugfs_write() function fails to check whether connector->base.state->crtc is NULL - a valid transient state after GPU hotplug before an atomic commit - and unconditionally passes 36 bytes to copy_from_user() regardless of the caller-provided size, enabling a second over-read path. No public exploit or CISA KEV listing exists; EPSS is 0.18% (7th percentile), consistent with a localized, hardware-dependent DoS.
In the Linux kernel, the following vulnerability has been resolved: amd-pstate: Fix memory leak in amd_pstate_epp_cpu_init() On failure to set the epp, the function amd_pstate_epp_cpu_init() returns with an error code without freeing the cpudata object that was allocated at the beginning of the function. Ensure that the cpudata object is freed before returning from the function. This memory leak was discovered by Claude Opus 4.6 with the aid of Chris Mason's AI review-prompts (https://github.com/masoncl/review-prompts/tree/main/kernel).
In the Linux kernel, the following vulnerability has been resolved: perf/amd/ibs: Avoid calling perf_allow_kernel() from the IBS NMI handler Calling perf_allow_kernel() from the NMI context is unsafe and could be fatal. Capture the permission at event-initialization time by storing it in event->hw.flags, and have the NMI handler rely on that cached flag instead of making the call directly.
Improper DMA-alias handling in the Linux kernel's AMD IOMMU driver lets a stale or incorrect Device Table Entry (DTE) be propagated to an alias PCI device, weakening the DMA isolation the IOMMU is meant to enforce. The flaw affects systems on AMD platforms where pci_for_each_dma_alias() supplies an alias-rather than the original-device to clone_alias(), causing the wrong source devid to be used when copying the DTE. EPSS is low (0.17%, 6th percentile) and there is no public exploit identified at time of analysis.
Man-in-the-middle attacks against AMD's optional desktop tools - AMD Management Console (AMC), AMD Ryzen Master, and AMD μProf - can lead to arbitrary code execution because the affected utilities transport data over plaintext HTTP rather than TLS. An attacker positioned on the network path between a victim workstation and the AMD endpoint can tamper with traffic (most plausibly update or telemetry channels) to substitute malicious content that is then executed by the tool. No public exploit identified at time of analysis and the issue is not in CISA KEV; EPSS data was not provided.
Unrestricted resource allocation in AMD µProf allows a local low-privileged user to consume excessive system resources, resulting in a loss of availability (denial of service). The CVSS 4.0 score of 6.8 reflects a locally exploitable, low-complexity attack requiring only low privileges with no user interaction needed. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis; however, the straightforward nature of resource exhaustion attacks makes it a realistic local threat on systems where AMD µProf is deployed.
Improper access control in AMD µProf exposes a kernel-shared memory section to low-privileged local users, enabling writes that can crash the system or cause a denial of service. All AMD µProf versions prior to 5.3 are affected across supported platforms. No public exploit code has been identified and this CVE is not listed in CISA KEV, but the CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N) indicates straightforward local exploitation requiring only basic user privileges with no additional complexity or user interaction.
Improper access control in the IOMMU register interface on AMD EPYC server processors allows a high-privileged local attacker to induce non-coherent memory accesses by the AMD Secure Processor (ASP), resulting in loss of system integrity beyond the directly compromised component. Affected processor families span EPYC 8004, 9004, and 9005 series - including embedded variants - covering AMD's current-generation server and embedded datacenter platforms. No public exploit code and no CISA KEV listing exist at time of analysis, but the elevated subsequent integrity impact (SI:H in CVSS 4.0) signals meaningful security boundary degradation, particularly relevant for confidential computing and virtualized environments where ASP integrity is foundational.
Out-of-bounds array access in the Linux kernel's AMD GPU display driver (drm/amd/display) allows local privileged users to trigger memory corruption via the dcn35_stream_encoder_create() function when eng_id equals ENGINE_ID_DIGF (value 5) or is negative, indexing past the 5-element stream_enc_regs[] array. The flaw stems from a faulty boundary check using <= instead of <, and no public exploit has been identified at time of analysis with an EPSS score of 0.02% (5th percentile) indicating very low exploitation probability.
Null pointer dereference in the Linux kernel's AMD GPU display driver (drm/amd/display) crashes the kernel during Hot Plug Detection (HPD) initialization on systems with AMD GPUs. The amdgpu_dm_hpd_init() function assigns dc_link from a connector but then unconditionally dereferences it at line 940 of amdgpu_dm_irq.c without first confirming it is non-NULL - connectors lacking a valid dc_link trigger a kernel NULL dereference. Exploitation requires local, low-privileged access to a system with an affected AMD GPU; no public exploit has been identified at time of analysis and EPSS probability is 0.02% (5th percentile), indicating very limited real-world exploitation pressure.
Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures. Rated high severity (CVSS 7.1). No vendor patch available.
Local privilege escalation and information disclosure in the Linux kernel on AMD Zen2 CPUs allows low-privileged users to trigger instruction corruption via improper isolation of shared resources in the op cache. Affecting kernels prior to 5.10.256, 5.15.207, 6.1.173, 6.6.139, 6.12.88, 6.18.30, and 7.0.7, the flaw carries a CVSS 8.8 due to scope change (S:C) impacting confidentiality, integrity, and availability beyond the original security boundary. EPSS is very low (0.02%, 7th percentile) and no public exploit identified at time of analysis, but the architectural nature of the bug (CPU op cache sharing) makes it relevant for multi-tenant and virtualization workloads.
Denial of service in the Linux kernel Ceph client allows local users with access to a Ceph-mounted filesystem to trigger d_hash list corruption and RCU stalls by inducing path lookups against reused cached negative dentries. The flaw stems from fs/ceph/dir.c calling d_add(dentry, NULL) on already-hashed negative dentries, creating self-loops in the hlist_bl bucket that cause __d_lookup() to spin indefinitely. EPSS is 0.02% (5th percentile) and no public exploit identified at time of analysis, but the bug has been reproduced organically in production (RCU stall on a Dell PowerEdge R7615 running 6.18.17).
Local privilege escalation potential in the Linux kernel's AMD KFD (Kernel Fusion Driver) debug subsystem allows a local user with GPU access to trigger a buffer overflow in the watch_points array via a crafted watch_id value. The flaw stems from signed/unsigned integer mishandling in kfd_dbg_trap_clear_dev_address_watch(), where userspace-supplied watch_id values exceeding INT_MAX cause undefined bit shifts and out-of-bounds memory access. No public exploit identified at time of analysis, and EPSS scores exploitation probability at only 0.02%.
VM escape in Kata Containers allows any Kubernetes user with pod-creation rights to break out of the VM sandbox and gain full read/write access to the host filesystem. All Kata Containers installations prior to commit ffa59ce3aa78 are affected when using the default configuration.toml, which enables the `virtio_fs_extra_args` and `kernel_params` pod annotations out of the box. An attacker crafts a pod with two annotations: one to redirect virtiofsd to serve the host root filesystem (`/`) into the guest VM, and a second to enable the agent debug console - after which the entire host filesystem is accessible from inside the supposedly isolated VM. A fully working proof-of-concept with confirmed output against Kata Containers 3.28.0 on Ubuntu 24.04 has been publicly disclosed; no public exploit confirmed as actively exploited (CISA KEV) at time of analysis.
Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability
A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.
Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer (ASP) could allow an attacker to read or write to protected memory potentially resulting in. Rated high severity (CVSS 8.8). No vendor patch available.
Improper privilege validation in AMD Secure Processor (ASP) allows authenticated local attackers to write data to restricted memory regions, compromising data integrity and potentially affecting system availability. The vulnerability affects AMD MI-25, MI250, MI210 accelerators and AMD Radeon Pro V520/V620 GPUs. No public exploit code has been identified, but the low attack complexity and authenticated network access vector indicate moderate real-world risk in data center and AI/ML environments where these devices are deployed.
Buffer overflow in AMD GPU driver IOCTL handler enables local privilege escalation to root on Linux systems running AMD Instinct or Radeon Pro GPUs. Authenticated local users with low privileges can exploit an out-of-bounds write vulnerability in the AMDGV_CMD_GET_DIAG_DATA IOCTL to achieve arbitrary kernel code execution. EPSS data not available; no public exploit or CISA KEV listing identified at time of analysis, suggesting limited active exploitation despite high CVSS 8.5 severity.
Out-of-bounds read in AMD Secure Processor TEE SOC Driver allows high-privileged local attackers to trigger memory exposure or denial of service via malformed SR-IOV commands on Radeon RX 6000/7000, Pro W6000/W7000, and Instinct MI-series GPUs. Insufficient parameter sanitization in the DRV_SOC_CMD_ID_LOAD_GFX_IP_FW command handler permits crafted input to bypass bounds checks, exposing SOC Driver memory or causing exceptions. Attack requires high privilege level (PR:H) and local access (AV:L), limiting real-world exploitation to compromised administrative contexts or supply-chain scenarios.
Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the. Rated high severity (CVSS 7.1). No vendor patch available.
Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation and arbitrary code execution. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.
Local privilege escalation in AMD Platform Management Framework (PMF) allows authenticated attackers with low privileges to execute arbitrary code with elevated system privileges through an out-of-bounds write vulnerability. Affects multiple AMD Ryzen processor series (6000, 7035, 7040, 8040, and Embedded R8000) across mobile and embedded platforms. The CVSS 4.0 score of 8.4 reflects high impact to system integrity and availability with changed scope, indicating the attacker can escape the vulnerable component's security context. No active exploitation confirmed in CISA KEV at time of analysis, and public exploit code availability is not indicated in current intelligence.
Buffer overflow in AMD Sensor Fusion Hub Driver allows local authenticated attackers to write out of bounds, causing denial of service or system crash. The vulnerability affects multiple Ryzen processor families (4000, 5000, 7000, 7020, 7030, 7035, 7040 series and Ryzen AI 300 series) with Radeon integrated graphics across Windows mobile and desktop platforms. No active exploitation has been confirmed at time of analysis.
Arbitrary code execution and denial of service in AMD Platform Management Framework (PMF) affects Ryzen 7035, 7040, 8040 mobile processors and Ryzen Embedded 8000 series. A local authenticated attacker exploiting an unchecked return value vulnerability can write to arbitrary memory locations, potentially escalating privileges from low to high integrity across system boundaries. The CVSS 4.0 score of 7.1 reflects local attack vector with low complexity but requires specific attack timing conditions (AT:P), though the cross-scope impact (S:H) and high confidentiality/integrity impact to subsequent systems elevate real-world risk for enterprise environments with AMD mobile processors.
Out-of-bounds read in AMD Platform Management Framework (PMF) allows authenticated local attackers to read arbitrary memory locations, potentially disclosing sensitive information or causing availability loss on affected Ryzen processors. The vulnerability requires local access and low privileges but can be triggered without user interaction. AMD released a security bulletin (AMD-SB-4015) describing the issue; active exploitation status not confirmed at time of analysis.
Local attackers with low-privilege credentials can exploit unchecked return value handling in AMD Platform Management Framework (PMF) to read or write arbitrary memory addresses across multiple AMD Ryzen processor families (6000, 7000, 8000 series). This CWE-252 flaw enables privilege escalation to kernel level, compromising system confidentiality and availability with high impact across both virtualized and physical contexts. AMD has released security bulletin AMD-SB-4015 addressing the vulnerability. No CISA KEV listing or public exploit code has been identified at time of analysis, but the low attack complexity (AC:L) and local privilege requirement (PR:L) suggest exploitation is technically straightforward for attackers with initial system access.
Local privilege escalation in AMD Platform Management Framework (PMF) allows authenticated attackers with low privileges to unmap arbitrary memory pages, potentially executing code with elevated privileges or triggering system crashes. Affects modern AMD Ryzen mobile processors across multiple generations (6000/7000/8000/AI 300 series, embedded variants). The vulnerability enables both horizontal escalation (confidentiality compromise via changed scope in CVSS 4.0) and vertical impact (integrity/availability degradation). No evidence of active exploitation (not in CISA KEV), but the local attack vector with low complexity makes this exploitable by malware or malicious insiders once system access is obtained. EPSS data not available for risk calibration.
Uninitialized kernel memory within AMD's Platform Management Framework (PMF) can be read by local authenticated attackers, resulting in information disclosure or availability impact. This affects AMD Ryzen processors across multiple generations (6000, 7035, 7040, 8040 series and Z1/Embedded 8000) where PMF is present. The vulnerability requires local access and authenticated user privileges but does not require user interaction, making it exploitable by any local user with login credentials.
Out-of-bounds write in the AMD Platform Management Framework (PMF) Driver enables local authenticated users to escalate privileges on AMD Ryzen 6000/7000/8000 series processors. The vulnerability stems from improper input validation (CWE-787) allowing memory corruption beyond allocated buffer boundaries. Exploitation requires low-privilege local access with low attack complexity (CVSS 4.0: AV:L/AC:L/PR:L), making this a realistic post-compromise escalation vector. AMD released chipset driver version 7.06.02.123 addressing all affected Ryzen series. No public exploit or active exploitation confirmed at time of analysis.
Improper input validation in the AMD Platform Management Framework (PMF) driver allows local authenticated attackers to read out-of-bounds memory, resulting in information disclosure or denial of service. The vulnerability affects multiple Ryzen processor families (7035, 7040, 8040, 6000 series, and Embedded 8000) and requires local access with limited privileges to exploit.
Out-of-bounds read/write in AMD Platform Management Framework (PMF) driver allows local authenticated users to escalate privileges on Ryzen 6000/7000/8000 series processors. AMD has released patched chipset software version 7.06.02.123 addressing the improper input validation vulnerability. No public exploit code identified and CISA has not added this to KEV, indicating exploitation is not yet confirmed in real-world attacks despite the high CVSS score. Attackers must already have local system access with standard user privileges to exploit this vulnerability.
Buffer overflow in the AMD Secure Processor (ASP) PCI driver affects dozens of AMD Ryzen, EPYC, and Threadripper processor families across desktop, mobile, and embedded variants. Local attackers with user-level privileges can trigger improper input validation in the driver to cause a crash or denial of service, with potential for integrity impact. The vulnerability requires local access and authenticated user privileges; no active exploitation in the wild has been confirmed, and vendor-released patches are available.
Insecure installation directory permissions in AMD chipset driver allow local authenticated attackers to achieve SYSTEM-level privilege escalation and execute arbitrary code. The vulnerability affects nearly all AMD Ryzen, Threadripper, EPYC, and Athlon processors across desktop, mobile, embedded, and server product lines. AMD has released patched chipset driver versions 8.01.20.513 (consumer/workstation) and 8.03.14.329/8.03.16.641 (server). No active exploitation confirmed at time of analysis, but the local vector and low attack complexity make this exploitable by any authenticated Windows user, including standard users without admin rights.
Use-After-Free vulnerability in the AMD Secure Processor (ASP) PCI driver affects multiple Ryzen, Threadripper, EPYC, and Athlon processor families due to improper input validation. A local attacker with user-level privileges can trigger the UAF condition, resulting in denial of service via platform crash or potential loss of platform integrity. Vendor-released patch: AMD Ryzen Chipset Driver 7.02.13.148 (or equivalent Catalyst driver versions for embedded SKUs). No public exploit identified at time of analysis.
Privilege escalation in AMD GPIO controller driver for Windows allows authenticated local users with low privileges to execute arbitrary code with elevated rights via insecure directory permissions. Affects nearly the entire AMD processor portfolio from Ryzen 3000-series through latest EPYC 9005 and Ryzen AI 300. AMD has released patched chipset drivers (version 7.04.09.545 for most desktop/mobile products, 8.03.16.641 for server platforms) addressing the vulnerability. EPSS score and KEV status not provided in source data, but the local attack vector and user interaction requirement limit remote exploitation risk despite the 7.0 CVSS score.
Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.
Arbitrary code execution in AMD optional tools occurs through DLL injection during unsafe OpenSSL initialization, allowing local authenticated attackers with low-privilege user access and user interaction to execute malicious code with high impact to confidentiality, integrity, and availability. The vulnerability stems from insecure library loading (CWE-427) where the affected AMD utilities fail to validate DLL search paths during OpenSSL library initialization. No active exploitation confirmed (not in CISA KEV) and no public exploit code identified at time of analysis, though the low attack complexity (AC:L) indicates straightforward exploitation once local access is obtained.
Null pointer dereference in the Linux kernel's AMD ASoC ACP3x audio driver (acp3x-rt5682-max9836) allows a local low-privileged user on affected hardware to crash the kernel. The flaw originates in acp3x_5682_init(), which failed to validate the return value of clk_get() before passing it to rt5682_clk_enable(), meaning an error pointer could be dereferenced directly. No public exploit identified at time of analysis and the EPSS score of 0.02% (7th percentile) reflects extremely low exploitation interest; this vulnerability is not listed in the CISA KEV catalog.
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
Null pointer dereference in the Linux kernel's ASoC AMD ACP machine-common driver can be triggered by a local authenticated user to crash the kernel, resulting in a denial of service. The functions acp_card_rt5682_init() and acp_card_rt5682s_init() in sound/soc/amd/acp/acp-mach-common.c fail to validate the return value of clk_get(), allowing an invalid error pointer to be dereferenced by downstream clock core functions. No public exploit code exists and no active exploitation has been confirmed; EPSS probability stands at 0.02% (5th percentile), reflecting very low real-world exploitation likelihood.
Memory leak and denial-of-service in the Linux kernel macb network driver (used in AMD ZynqMP platforms) allows local authenticated users to cause prolonged network disruption and system resource exhaustion. The flaw manifests during suspend/resume cycles when the transmit ring pointer resets incorrectly, silently dropping queued packets without releasing their memory, and causing the driver to become stuck waiting for already-transmitted packets. Real-world impact observed in NFS rootfs recovery delays. EPSS score of 0.02% (7th percentile) indicates low exploitation likelihood. Vendor patches available across multiple stable kernel branches (6.1.167, 6.6.130, 6.12.78, 6.18.20, 6.19.9).
A NULL pointer dereference in Linux kernel AMD GPU driver cleanup code causes local denial of service when GPU initialization fails on systems with unsupported AMD hardware blocks. Local authenticated users with low privileges can trigger kernel crashes during device teardown sequences. The vulnerability affects multiple stable kernel versions (6.18.16-6.18.19, 6.19.6-6.19.9) with patches available from upstream. EPSS score of 0.02% (4th percentile) indicates very low observed exploitation probability, and no active exploitation or public exploits are confirmed. Real-world impact is limited to systems with specific AMD GPU hardware experiencing initialization failures, making this primarily a reliability issue rather than a direct security threat.
Null pointer dereference in Linux kernel's AMD DRM driver causes system crash during device cleanup on unsupported hardware. The flaw (CWE-476) affects multiple 6.18.x and 6.19.x kernel versions, allowing local authenticated users to trigger denial of service through AMD GPU driver initialization or cleanup operations. Patches available via kernel stable tree commits with EPSS score of 0.02% indicating minimal exploitation likelihood. No active exploitation or public POC identified at time of analysis.
NULL pointer dereference in the Linux kernel's AMD display driver (DRM subsystem) allows local authenticated users to crash the system via dcn401_init_hw() function. Affects kernel 6.12 through 7.0-rc6, specifically the DCN 4.01 hardware sequencer in amdgpu driver. Vendor patches available for stable branches (6.18.22, 6.19.12, 7.0). EPSS exploitation probability is very low (0.02%, 4th percentile), indicating minimal real-world threat despite moderate CVSS score. Not listed in CISA KEV, and no public exploit code identified at time of analysis.
A null pointer dereference in the AMD Display Core driver's DSC (Display Stream Compression) handling for eDP panels causes local system crashes on Linux kernel 6.12 through 7.0-rc5. The vulnerability stems from missing function hook validation before use, allowing local authenticated users with low privileges to trigger a high-severity denial-of-service condition. Patches available across kernel 6.12.75, 6.18.16, 6.19.6, and 7.0 stable branches. EPSS score of 0.02% (5th percentile) indicates minimal observed exploitation activity, and no KEV listing or public POC identified at time of analysis.
Denial of service via system hang in Linux kernel's AMD display driver occurs when the DMUB hardware lock evaluation mismatches between lock acquisition and release in the HWSS fast path, affecting ASIC variants without FAMS support. Local authenticated attackers can trigger this condition through display operations, causing a hang with high availability impact. Patch available in stable releases 6.19.6 and 7.0; EPSS score of 0.02% indicates low real-world exploitation probability despite KEV status.
Denial of service in Linux kernel drm/amdgpu driver (VCNv2.5) affects virtual function (VF) GPU environments running kernel versions prior to 6.18.16, 6.19.6, and 7.0. During module unload or system deinitialization, VF configurations trigger a kernel warning and potential crash when attempting to release an uninitialized VCN poison interrupt handler. EPSS exploitation probability is very low (0.02%, 4th percentile) with no public exploit or active exploitation (not in CISA KEV). Vendor patches available across multiple stable kernel branches via upstream commits.
AMD IOMMU completion wait operations in the Linux kernel can trigger soft lockups under high load when strict mode is enabled (iommu.strict=1). The vulnerability stems from busy-waiting inside a spinlock with interrupts disabled, causing kernel responsiveness issues and potential denial of service on systems with AMD IOMMU hardware. Patches are available across multiple kernel stable branches (6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0). EPSS score is low (0.02%, 5th percentile) with no confirmed active exploitation or public POC identified at time of analysis.
A denial of service vulnerability in the Linux kernel's AMD display driver (drm/amd/display) allows local authenticated users to crash the system by accessing link encoder functionality on DisplayPort over USB-C (DPIA) links without proper signal type validation. The vulnerability affects kernel versions before the patches released in stable branches 6.12.75, 6.18.16, 6.19.6, and 7.0. No public exploit code has been identified, and real-world exploitation probability is very low (EPSS 0.02%), suggesting this is primarily an edge-case denial of service affecting specific hardware configurations with DPIA displays.
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: serialize sequence allocation under concurrent TLB invalidations With concurrent TLB invalidations, completion wait randomly gets timed out because cmd_sem_val was incremented outside the IOMMU spinlock, allowing CMD_COMPL_WAIT commands to be queued out of sequence and breaking the ordering assumption in wait_on_sem(). Move the cmd_sem_val increment under iommu->lock so completion sequence allocation is serialized with command queuing. And remove the unnecessary return.
Denial of service in Linux kernel PCI endpoint configfs interface allows local attackers with low privileges to crash the kernel via swapped parameters in pci_primary_epc_epf_unlink() and pci_secondary_epc_epf_unlink() functions. When executing the unlink command in configfs, incorrect parameter ordering causes invalid memory access and kernel panic. CVSS 5.5 (local, low complexity, low privilege) with EPSS 0.02% suggests limited real-world exploitation despite confirmed availability of patches across multiple kernel branches.
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35 [Why] A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to remain stuck. The OTG being stuck can lead to a hang in the DCHVM's ability to ACK invalidations when it thinks the HUBP is still on but it's not receiving global sync. The transition to PLL_ON needs to be atomic as there's no guarantee that the thread isn't pre-empted or is able to complete before the IOMMU watchdog times out. [How] Backport the implementation from dcn401 back to dcn35. There's a functional difference in when the eDP output is disabled in dcn401 code so we don't want to utilize it directly.
Null pointer dereference in the Linux kernel AMD power management (drm/amd/pm) subsystem causes denial of service when SMU (System Management Unit) is disabled during RAS (Reliability, Availability, and Serviceability) initialization. Local authenticated attackers with low privileges can trigger this crash on affected systems, resulting in kernel panic and system unavailability. EPSS exploitation probability is very low (0.02%), indicating this requires specific configuration and local access.
Kernel NULL pointer dereference in AMD GPU driver on systems with 64KB page sizes allows local authenticated attackers to crash the system by triggering memory allocation mismatches between reserved trap area (8KB) and required allocation size (128KB) during GPU memory initialization. The vulnerability affects systems running ROCm workloads and causes denial of service when executing rocminfo or rccl unit tests on IBM POWER10 and similar 64K-page architectures. EPSS exploitation probability is very low (0.02%), and no public exploit code or active in-the-wild exploitation has been identified.
A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality.
Use-after-free in Linux kernel AMD GPU driver allows local authenticated users to potentially execute arbitrary code, escalate privileges, or cause denial of service. The amdgpu_amdkfd_submit_ib() function in the AMD KFD (Kernel Fusion Driver) prematurely releases a DMA fence reference before waiting on it, creating a race condition where the fence memory may be freed before use. Vendor-released patches are available for multiple stable kernel branches (6.1.168, 6.6.131, 6.12.80, 6.18.21, 6.19.11, 7.0). EPSS exploitation probability is very low at 0.02% (7th percentile), and no public exploit or active exploitation has been identified at time of analysis.
Use-after-free in Linux kernel AMD display driver allows local authenticated users to execute arbitrary code, corrupt memory, or cause denial of service. Affects systems with AMD graphics using Display Stream Compression (DSC) and multi-stream transport (MST), particularly laptops with integrated displays and external DP-MST monitors. The vulnerability arises when mode changes occur simultaneously with DSC reconfigurations, causing improper stream lifecycle management. Vendor patch available across multiple kernel versions (6.12.80, 6.18.21, 6.19.11, 7.0). EPSS score of 0.02% indicates low exploitation probability in the wild, with no CISA KEV listing or public exploit identified at time of analysis.
Memory leak in AMD display driver (amdgpu_dm) on Linux kernel allows local authenticated attackers to cause denial of service by exhausting kernel memory when display sinks are connected and the system resumes from sleep. The vulnerability arises from failure to free previously allocated drm_edid structures before overwriting them, and is confirmed in kernel versions up to 7.0 RC5 with EPSS exploitation probability of 0.02% indicating low real-world exploitation likelihood.
Denial of service via null pointer dereference in AMD display driver backlight setup affects Linux kernel versions 6.19 through 7.0-rc5 when LVDS connectors are present without extended backlight capabilities. Local authenticated users with low privileges can trigger a crash by accessing backlight controls on affected systems, causing system instability. Patch available from vendor with EPSS score of 0.02% indicating low real-world exploitation probability.
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
Missing lock check in AMD Platform Security Processor in AMD EPYC™ 9005 Series CPUs allows a privileged attacker to potentially impact guest confidentiality via local access.
Race condition in Samsung Exynos Wi-Fi drivers enables local privilege escalation to kernel execution via double-free memory corruption. Affects 11 mobile and wearable processors (Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, W1000). Local attackers with low privileges can trigger memory corruption by racing ioctl calls across threads, achieving high confidentiality, integrity, and availability impact. EPSS score of 0.02% (5th percentile) suggests minimal real-world exploitation likelihood despite CVSS 7.0 severity. No public exploit identified at time of analysis.
Linux kernel NULL pointer dereference in the x86 PMU NMI handler on AMD EPYC systems causes denial of service when perf event unthrottling races with PMU rescheduling. The vulnerability stems from commit 7e772a93eb61 moving event pointer initialization later in x86_pmu_enable(), allowing the unthrottle path to set active_mask bits without populating the corresponding events[] array entries, leading to NULL pointer dereference when subsequent PMC overflow interrupts fire. No public exploit code identified at time of analysis; patch fixes are available in upstream Linux kernel stable branches.
The Handlebars npm package precompiler (bin/handlebars) allows arbitrary JavaScript injection through unsanitized string concatenation in four distinct code paths: template filenames, namespace option (-n), CommonJS path option (-c), and AMD path option (-h). Attackers who can control template filenames or CLI arguments can inject code that executes when the generated JavaScript bundle is loaded in Node.js or browser environments. Publicly available exploit code exists with multiple proof-of-concept vectors demonstrated, including file system manipulation via require('fs'). CVSS 8.3 reflects local attack vector requiring low privileges and user interaction, with changed scope allowing high confidentiality, integrity, and availability impact.
Attested TLS relay attacks in Cocos AI confidential computing system versions 0.4.0 through 0.8.2 enable attackers to impersonate genuine TEE-protected services on AMD SEV-SNP and Intel TDX platforms by extracting ephemeral TLS private keys and redirecting authenticated sessions. The architectural flaw allows an attacker with physical access or side-channel capabilities to relay attestation evidence to a different endpoint, breaking the authentication binding between the TEE and the client. No vendor-released patch is available; the vulnerability affects a specialized confidential computing platform with low EPSS probability (formal EPSS score not provided in input) and no public exploit identified at time of analysis, though formal ProVerif verification confirms the attack feasibility.
A logic error in the Linux kernel's AMD GPU driver causes system crashes when two AMD GPUs are present and only one supports ASPM (Active State Power Management). The vulnerability stems from a commit that was erroneously reapplied after being removed in a prior refactoring, leading to incorrect ASPM state evaluation across multiple devices. Systems running affected Linux kernel versions with heterogeneous AMD GPU configurations (mixed ASPM support) will experience denial of service through kernel crashes.
AMD GPU drivers on Linux systems fail to prevent MMIO register access during SMU Mode 1 reset, allowing incomplete PCIe transactions that can trigger NMI panics or system hangs. A local attacker with driver interaction capabilities could exploit this to cause a denial of service by accessing registers while the device is offline. The vulnerability affects Linux kernel implementations with AMD PM functionality and currently lacks an available patch.
In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVM_IRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvm_arch_irq_bypass_del_producer() on x86 and arm64, which explicitly look for KVM_IRQ_ROUTING_MSI.
Memory leak in AMD ASoC PDM DMA operations allows local attackers with user-level privileges to cause denial of service through resource exhaustion on affected Linux systems. The vulnerability persists as no patch is currently available, leaving vulnerable systems at continued risk of system instability or crash from cumulative memory consumption.
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.
Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval() [Why & How] The aux_rd_interval array in struct dc_lttpr_caps is declared with MAX_REPEATER_CNT - 1 (7) elements, indexed 0..6. However, the offset parameter passed to dp_get_eq_aux_rd_interval() can be as large as MAX_REPEATER_CNT (8) when a sink reports 8 LTTPR repeaters via DPCD. This leads to an out-of-bounds read of aux_rd_interval[7] when offset is 8. Fix this by growing aux_rd_interval to MAX_REPEATER_CNT elements to accommodate the full range of valid repeater counts defined by the DP spec. (cherry picked from commit a55a458a8df37a65ffda5cf721d554a8f74f6b04)
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use krealloc_array() in dal_vector_reserve() [Why & How] dal_vector_reserve() computes the allocation size as "capacity * vector->struct_size" using uint32_t arithmetic, which can silently wrap to a small value on overflow. This would cause krealloc to return a smaller buffer than expected, leading to heap overflows on subsequent vector appends. Replace krealloc() with krealloc_array() which performs an internal overflow check and returns NULL on wrap, preventing the issue. (cherry picked from commit 37668568641ccc4cc1dbca4923d0a16609dd5707)
NULL pointer dereference in the Linux kernel's AMD64 AGP driver crashes systems running in virtualized environments without physical AMD northbridge hardware. Broken error propagation in `agp_amd64_probe()` - comparing `cache_nbs()` return value against exactly `-1` rather than `< 0` - masks the `-ENODEV` error code, allowing the driver to proceed with initialization, ultimately causing a General Protection Fault in `amd64_fetch_size()` when `node_to_amd_nb(0)` returns NULL. No public exploit has been identified at time of analysis, EPSS is 0.18% (7th percentile), and impact is confined to local denial of service via kernel crash; patches are confirmed available across multiple stable branches.
NULL pointer dereference in the Linux kernel's AMD RAS subsystem crashes systems with AMD GPU hardware. The function `ras_core_ras_interrupt_detected()` in `drm/amd/ras` fails to validate the `ras_core` pointer before dereferencing `ras_core->dev` in an error path, enabling a local low-privilege user to trigger a kernel panic and denial of service. No public exploit code exists and the vulnerability is not listed in CISA KEV; EPSS at 0.14% (4th percentile) confirms negligible current exploitation probability. Upstream fix commits are available in stable kernel trees.
NULL pointer dereference in the Linux kernel's drm/amd/ras subsystem allows a local low-privileged user to crash the kernel on systems with AMD GPUs. The flaw in ras_core_get_utc_second_timestamp() occurs when a NULL ras_core pointer passes a conditional check but is then dereferenced in the subsequent error-printing path, producing a kernel panic. No public exploit exists and EPSS sits at 0.15% (4th percentile), placing this firmly as a low-urgency local denial-of-service hardening issue despite the Availability:High CVSS rating.
NULL pointer dereference in the Linux kernel AMD display driver (drm/amd/display) can cause a kernel panic on systems running AMD GPUs, resulting in a complete denial of service. The flaw resides in dc_dmub_srv_log_diagnostic_data() and dc_dmub_srv_enable_dpia_trace() in dc_dmub_srv.c, where a combined NULL guard incorrectly permits DC_LOG_ERROR() - which internally dereferences dc_dmub_srv->ctx - to execute when dc_dmub_srv itself is NULL. No public exploit has been identified at time of analysis and EPSS sits at the 4th percentile, indicating very low exploitation probability in the wild.
Kernel crash in Linux DRM/AMD DCN32 display subsystem affects systems equipped with AMD RDNA3-generation GPUs running x86 non-RT kernels. The dcn32_validate_bandwidth() function locks FPU registers via DC_FP_START(), disabling local softirqs, then calls kvzalloc() for a ~335 KiB phantom-plane allocation that triggers the vmalloc path; vmalloc fires BUG_ON(in_interrupt()), crashing the kernel. No public exploit has been identified at time of analysis, and EPSS at 0.15% (5th percentile) reflects low real-world exploitation interest.
Boot-time kernel crash in Linux 6.16+ on AMD IOMMU-equipped systems causes a General Protection Fault when a PCI device whose Bus:Device.Function address is absent from the ACPI IVRS table is encountered during IOMMU initialization. The root cause is a missing bounds check in __rlookup_amd_iommu() that was latent until commit e874c666b15b changed the rlookup_table allocation from a zeroed page-order block (which returned NULL on overrun) to a tight kvcalloc(), causing adjacent slab contents to be dereferenced as a valid struct amd_iommu pointer. The result is a non-recoverable GPF at boot time, confirmed in production on Google Compute Engine ct6e VMs; no public exploit code and no CISA KEV listing exist at time of analysis.
Local privilege escalation and memory corruption in the Linux kernel DRM/GEM subsystem stems from a race condition in the GEM change_handle ioctl when it runs concurrently with gem_close, where botched two-stage idr_replace handling against the wrong idr slot allows a concurrent close to steal the object's only inherited reference. The flaw affects systems using the DRM graphics stack (notably AMD GPU paths, per source tags) and an unprivileged local user with access to a DRM render/card device can trigger a use-after-free, with the upstream resolution disabling the change_handle ioctl entirely until the locking can be proven correct. No public exploit identified at time of analysis and EPSS is low (0.17%, 7th percentile), consistent with a local-only, hard-to-win race rather than mass exploitation.
Out-of-bounds read and unbounded-iteration denial of service in the Linux kernel's AMD Display (amdgpu DC) driver arises when the bios_parser/bios_parser2 code walks VBIOS record chains that lack a proper 0xFF terminator record. A local attacker able to supply a malformed VBIOS image can force hundreds of thousands of probe-time iterations (with record_size=1) and, near the image boundary, trigger struct casts that read past the 2-byte header validated by GET_IMAGE. There is no public exploit identified at time of analysis, and the EPSS score is low (0.17%, 6th percentile), consistent with a local, firmware-dependent memory-safety bug rather than a broadly exploited remote flaw.
Out-of-bounds kernel heap write in the AMD Display (amdgpu) driver's HDMI HDCP 2.x repeater authentication path affects Linux kernels from 5.6 through the 7.1 release candidates. When reading a downstream sink's RxStatus register, the driver in mod_hdcp_read_rx_id_list() uses an attacker-influenced 10-bit message-size field (up to 1023 bytes) as the I2C read length without bounding it to the 177-byte rx_id_list buffer, so a malicious HDMI repeater can force a write past the buffer and corrupt kernel memory. There is no public exploit identified at time of analysis and EPSS is low (0.21%, 11th percentile); it is not listed in CISA KEV.
Out-of-bounds heap write in the Linux kernel amdgpu DRM display driver (drm/amd/display) arises because the VBIOS integrated info tables (v1_11 and v2_1) expose unvalidated u8 HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C settings into fixed-size arrays (9 and 3 elements). A malformed VBIOS can set these counts up to 255, overrunning the destination arrays during driver probe on AMD GPU systems. No public exploit has been identified and EPSS is very low (0.17%), but the memory-corruption primitive (CWE-787) carries high confidentiality, integrity, and availability impact per the CVSS 7.8 rating.
NULL pointer dereference and buffer over-read in the Linux kernel's AMD display driver (drm/amd/display) can be triggered by a local user writing to the sdp_message debugfs node, causing a kernel panic and denial of service. The dp_sdp_message_debugfs_write() function fails to check whether connector->base.state->crtc is NULL - a valid transient state after GPU hotplug before an atomic commit - and unconditionally passes 36 bytes to copy_from_user() regardless of the caller-provided size, enabling a second over-read path. No public exploit or CISA KEV listing exists; EPSS is 0.18% (7th percentile), consistent with a localized, hardware-dependent DoS.
In the Linux kernel, the following vulnerability has been resolved: amd-pstate: Fix memory leak in amd_pstate_epp_cpu_init() On failure to set the epp, the function amd_pstate_epp_cpu_init() returns with an error code without freeing the cpudata object that was allocated at the beginning of the function. Ensure that the cpudata object is freed before returning from the function. This memory leak was discovered by Claude Opus 4.6 with the aid of Chris Mason's AI review-prompts (https://github.com/masoncl/review-prompts/tree/main/kernel).
In the Linux kernel, the following vulnerability has been resolved: perf/amd/ibs: Avoid calling perf_allow_kernel() from the IBS NMI handler Calling perf_allow_kernel() from the NMI context is unsafe and could be fatal. Capture the permission at event-initialization time by storing it in event->hw.flags, and have the NMI handler rely on that cached flag instead of making the call directly.
Improper DMA-alias handling in the Linux kernel's AMD IOMMU driver lets a stale or incorrect Device Table Entry (DTE) be propagated to an alias PCI device, weakening the DMA isolation the IOMMU is meant to enforce. The flaw affects systems on AMD platforms where pci_for_each_dma_alias() supplies an alias-rather than the original-device to clone_alias(), causing the wrong source devid to be used when copying the DTE. EPSS is low (0.17%, 6th percentile) and there is no public exploit identified at time of analysis.
Man-in-the-middle attacks against AMD's optional desktop tools - AMD Management Console (AMC), AMD Ryzen Master, and AMD μProf - can lead to arbitrary code execution because the affected utilities transport data over plaintext HTTP rather than TLS. An attacker positioned on the network path between a victim workstation and the AMD endpoint can tamper with traffic (most plausibly update or telemetry channels) to substitute malicious content that is then executed by the tool. No public exploit identified at time of analysis and the issue is not in CISA KEV; EPSS data was not provided.
Unrestricted resource allocation in AMD µProf allows a local low-privileged user to consume excessive system resources, resulting in a loss of availability (denial of service). The CVSS 4.0 score of 6.8 reflects a locally exploitable, low-complexity attack requiring only low privileges with no user interaction needed. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis; however, the straightforward nature of resource exhaustion attacks makes it a realistic local threat on systems where AMD µProf is deployed.
Improper access control in AMD µProf exposes a kernel-shared memory section to low-privileged local users, enabling writes that can crash the system or cause a denial of service. All AMD µProf versions prior to 5.3 are affected across supported platforms. No public exploit code has been identified and this CVE is not listed in CISA KEV, but the CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N) indicates straightforward local exploitation requiring only basic user privileges with no additional complexity or user interaction.
Improper access control in the IOMMU register interface on AMD EPYC server processors allows a high-privileged local attacker to induce non-coherent memory accesses by the AMD Secure Processor (ASP), resulting in loss of system integrity beyond the directly compromised component. Affected processor families span EPYC 8004, 9004, and 9005 series - including embedded variants - covering AMD's current-generation server and embedded datacenter platforms. No public exploit code and no CISA KEV listing exist at time of analysis, but the elevated subsequent integrity impact (SI:H in CVSS 4.0) signals meaningful security boundary degradation, particularly relevant for confidential computing and virtualized environments where ASP integrity is foundational.
Out-of-bounds array access in the Linux kernel's AMD GPU display driver (drm/amd/display) allows local privileged users to trigger memory corruption via the dcn35_stream_encoder_create() function when eng_id equals ENGINE_ID_DIGF (value 5) or is negative, indexing past the 5-element stream_enc_regs[] array. The flaw stems from a faulty boundary check using <= instead of <, and no public exploit has been identified at time of analysis with an EPSS score of 0.02% (5th percentile) indicating very low exploitation probability.
Null pointer dereference in the Linux kernel's AMD GPU display driver (drm/amd/display) crashes the kernel during Hot Plug Detection (HPD) initialization on systems with AMD GPUs. The amdgpu_dm_hpd_init() function assigns dc_link from a connector but then unconditionally dereferences it at line 940 of amdgpu_dm_irq.c without first confirming it is non-NULL - connectors lacking a valid dc_link trigger a kernel NULL dereference. Exploitation requires local, low-privileged access to a system with an affected AMD GPU; no public exploit has been identified at time of analysis and EPSS probability is 0.02% (5th percentile), indicating very limited real-world exploitation pressure.
Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures. Rated high severity (CVSS 7.1). No vendor patch available.
Local privilege escalation and information disclosure in the Linux kernel on AMD Zen2 CPUs allows low-privileged users to trigger instruction corruption via improper isolation of shared resources in the op cache. Affecting kernels prior to 5.10.256, 5.15.207, 6.1.173, 6.6.139, 6.12.88, 6.18.30, and 7.0.7, the flaw carries a CVSS 8.8 due to scope change (S:C) impacting confidentiality, integrity, and availability beyond the original security boundary. EPSS is very low (0.02%, 7th percentile) and no public exploit identified at time of analysis, but the architectural nature of the bug (CPU op cache sharing) makes it relevant for multi-tenant and virtualization workloads.
Denial of service in the Linux kernel Ceph client allows local users with access to a Ceph-mounted filesystem to trigger d_hash list corruption and RCU stalls by inducing path lookups against reused cached negative dentries. The flaw stems from fs/ceph/dir.c calling d_add(dentry, NULL) on already-hashed negative dentries, creating self-loops in the hlist_bl bucket that cause __d_lookup() to spin indefinitely. EPSS is 0.02% (5th percentile) and no public exploit identified at time of analysis, but the bug has been reproduced organically in production (RCU stall on a Dell PowerEdge R7615 running 6.18.17).
Local privilege escalation potential in the Linux kernel's AMD KFD (Kernel Fusion Driver) debug subsystem allows a local user with GPU access to trigger a buffer overflow in the watch_points array via a crafted watch_id value. The flaw stems from signed/unsigned integer mishandling in kfd_dbg_trap_clear_dev_address_watch(), where userspace-supplied watch_id values exceeding INT_MAX cause undefined bit shifts and out-of-bounds memory access. No public exploit identified at time of analysis, and EPSS scores exploitation probability at only 0.02%.
VM escape in Kata Containers allows any Kubernetes user with pod-creation rights to break out of the VM sandbox and gain full read/write access to the host filesystem. All Kata Containers installations prior to commit ffa59ce3aa78 are affected when using the default configuration.toml, which enables the `virtio_fs_extra_args` and `kernel_params` pod annotations out of the box. An attacker crafts a pod with two annotations: one to redirect virtiofsd to serve the host root filesystem (`/`) into the guest VM, and a second to enable the agent debug console - after which the entire host filesystem is accessible from inside the supposedly isolated VM. A fully working proof-of-concept with confirmed output against Kata Containers 3.28.0 on Ubuntu 24.04 has been publicly disclosed; no public exploit confirmed as actively exploited (CISA KEV) at time of analysis.
Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability
A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.
Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer (ASP) could allow an attacker to read or write to protected memory potentially resulting in. Rated high severity (CVSS 8.8). No vendor patch available.
Improper privilege validation in AMD Secure Processor (ASP) allows authenticated local attackers to write data to restricted memory regions, compromising data integrity and potentially affecting system availability. The vulnerability affects AMD MI-25, MI250, MI210 accelerators and AMD Radeon Pro V520/V620 GPUs. No public exploit code has been identified, but the low attack complexity and authenticated network access vector indicate moderate real-world risk in data center and AI/ML environments where these devices are deployed.
Buffer overflow in AMD GPU driver IOCTL handler enables local privilege escalation to root on Linux systems running AMD Instinct or Radeon Pro GPUs. Authenticated local users with low privileges can exploit an out-of-bounds write vulnerability in the AMDGV_CMD_GET_DIAG_DATA IOCTL to achieve arbitrary kernel code execution. EPSS data not available; no public exploit or CISA KEV listing identified at time of analysis, suggesting limited active exploitation despite high CVSS 8.5 severity.
Out-of-bounds read in AMD Secure Processor TEE SOC Driver allows high-privileged local attackers to trigger memory exposure or denial of service via malformed SR-IOV commands on Radeon RX 6000/7000, Pro W6000/W7000, and Instinct MI-series GPUs. Insufficient parameter sanitization in the DRV_SOC_CMD_ID_LOAD_GFX_IP_FW command handler permits crafted input to bypass bounds checks, exposing SOC Driver memory or causing exceptions. Attack requires high privilege level (PR:H) and local access (AV:L), limiting real-world exploitation to compromised administrative contexts or supply-chain scenarios.
Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the. Rated high severity (CVSS 7.1). No vendor patch available.
Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation and arbitrary code execution. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.
Local privilege escalation in AMD Platform Management Framework (PMF) allows authenticated attackers with low privileges to execute arbitrary code with elevated system privileges through an out-of-bounds write vulnerability. Affects multiple AMD Ryzen processor series (6000, 7035, 7040, 8040, and Embedded R8000) across mobile and embedded platforms. The CVSS 4.0 score of 8.4 reflects high impact to system integrity and availability with changed scope, indicating the attacker can escape the vulnerable component's security context. No active exploitation confirmed in CISA KEV at time of analysis, and public exploit code availability is not indicated in current intelligence.
Buffer overflow in AMD Sensor Fusion Hub Driver allows local authenticated attackers to write out of bounds, causing denial of service or system crash. The vulnerability affects multiple Ryzen processor families (4000, 5000, 7000, 7020, 7030, 7035, 7040 series and Ryzen AI 300 series) with Radeon integrated graphics across Windows mobile and desktop platforms. No active exploitation has been confirmed at time of analysis.
Arbitrary code execution and denial of service in AMD Platform Management Framework (PMF) affects Ryzen 7035, 7040, 8040 mobile processors and Ryzen Embedded 8000 series. A local authenticated attacker exploiting an unchecked return value vulnerability can write to arbitrary memory locations, potentially escalating privileges from low to high integrity across system boundaries. The CVSS 4.0 score of 7.1 reflects local attack vector with low complexity but requires specific attack timing conditions (AT:P), though the cross-scope impact (S:H) and high confidentiality/integrity impact to subsequent systems elevate real-world risk for enterprise environments with AMD mobile processors.
Out-of-bounds read in AMD Platform Management Framework (PMF) allows authenticated local attackers to read arbitrary memory locations, potentially disclosing sensitive information or causing availability loss on affected Ryzen processors. The vulnerability requires local access and low privileges but can be triggered without user interaction. AMD released a security bulletin (AMD-SB-4015) describing the issue; active exploitation status not confirmed at time of analysis.
Local attackers with low-privilege credentials can exploit unchecked return value handling in AMD Platform Management Framework (PMF) to read or write arbitrary memory addresses across multiple AMD Ryzen processor families (6000, 7000, 8000 series). This CWE-252 flaw enables privilege escalation to kernel level, compromising system confidentiality and availability with high impact across both virtualized and physical contexts. AMD has released security bulletin AMD-SB-4015 addressing the vulnerability. No CISA KEV listing or public exploit code has been identified at time of analysis, but the low attack complexity (AC:L) and local privilege requirement (PR:L) suggest exploitation is technically straightforward for attackers with initial system access.
Local privilege escalation in AMD Platform Management Framework (PMF) allows authenticated attackers with low privileges to unmap arbitrary memory pages, potentially executing code with elevated privileges or triggering system crashes. Affects modern AMD Ryzen mobile processors across multiple generations (6000/7000/8000/AI 300 series, embedded variants). The vulnerability enables both horizontal escalation (confidentiality compromise via changed scope in CVSS 4.0) and vertical impact (integrity/availability degradation). No evidence of active exploitation (not in CISA KEV), but the local attack vector with low complexity makes this exploitable by malware or malicious insiders once system access is obtained. EPSS data not available for risk calibration.
Uninitialized kernel memory within AMD's Platform Management Framework (PMF) can be read by local authenticated attackers, resulting in information disclosure or availability impact. This affects AMD Ryzen processors across multiple generations (6000, 7035, 7040, 8040 series and Z1/Embedded 8000) where PMF is present. The vulnerability requires local access and authenticated user privileges but does not require user interaction, making it exploitable by any local user with login credentials.
Out-of-bounds write in the AMD Platform Management Framework (PMF) Driver enables local authenticated users to escalate privileges on AMD Ryzen 6000/7000/8000 series processors. The vulnerability stems from improper input validation (CWE-787) allowing memory corruption beyond allocated buffer boundaries. Exploitation requires low-privilege local access with low attack complexity (CVSS 4.0: AV:L/AC:L/PR:L), making this a realistic post-compromise escalation vector. AMD released chipset driver version 7.06.02.123 addressing all affected Ryzen series. No public exploit or active exploitation confirmed at time of analysis.
Improper input validation in the AMD Platform Management Framework (PMF) driver allows local authenticated attackers to read out-of-bounds memory, resulting in information disclosure or denial of service. The vulnerability affects multiple Ryzen processor families (7035, 7040, 8040, 6000 series, and Embedded 8000) and requires local access with limited privileges to exploit.
Out-of-bounds read/write in AMD Platform Management Framework (PMF) driver allows local authenticated users to escalate privileges on Ryzen 6000/7000/8000 series processors. AMD has released patched chipset software version 7.06.02.123 addressing the improper input validation vulnerability. No public exploit code identified and CISA has not added this to KEV, indicating exploitation is not yet confirmed in real-world attacks despite the high CVSS score. Attackers must already have local system access with standard user privileges to exploit this vulnerability.
Buffer overflow in the AMD Secure Processor (ASP) PCI driver affects dozens of AMD Ryzen, EPYC, and Threadripper processor families across desktop, mobile, and embedded variants. Local attackers with user-level privileges can trigger improper input validation in the driver to cause a crash or denial of service, with potential for integrity impact. The vulnerability requires local access and authenticated user privileges; no active exploitation in the wild has been confirmed, and vendor-released patches are available.
Insecure installation directory permissions in AMD chipset driver allow local authenticated attackers to achieve SYSTEM-level privilege escalation and execute arbitrary code. The vulnerability affects nearly all AMD Ryzen, Threadripper, EPYC, and Athlon processors across desktop, mobile, embedded, and server product lines. AMD has released patched chipset driver versions 8.01.20.513 (consumer/workstation) and 8.03.14.329/8.03.16.641 (server). No active exploitation confirmed at time of analysis, but the local vector and low attack complexity make this exploitable by any authenticated Windows user, including standard users without admin rights.
Use-After-Free vulnerability in the AMD Secure Processor (ASP) PCI driver affects multiple Ryzen, Threadripper, EPYC, and Athlon processor families due to improper input validation. A local attacker with user-level privileges can trigger the UAF condition, resulting in denial of service via platform crash or potential loss of platform integrity. Vendor-released patch: AMD Ryzen Chipset Driver 7.02.13.148 (or equivalent Catalyst driver versions for embedded SKUs). No public exploit identified at time of analysis.
Privilege escalation in AMD GPIO controller driver for Windows allows authenticated local users with low privileges to execute arbitrary code with elevated rights via insecure directory permissions. Affects nearly the entire AMD processor portfolio from Ryzen 3000-series through latest EPYC 9005 and Ryzen AI 300. AMD has released patched chipset drivers (version 7.04.09.545 for most desktop/mobile products, 8.03.16.641 for server platforms) addressing the vulnerability. EPSS score and KEV status not provided in source data, but the local attack vector and user interaction requirement limit remote exploitation risk despite the 7.0 CVSS score.
Improper input validation in the AMD OverDrive (AOD) System Management Mode (SMM) module could allow a privileged attacker to perform an out-of-bounds read, potentially resulting in loss of. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.
Arbitrary code execution in AMD optional tools occurs through DLL injection during unsafe OpenSSL initialization, allowing local authenticated attackers with low-privilege user access and user interaction to execute malicious code with high impact to confidentiality, integrity, and availability. The vulnerability stems from insecure library loading (CWE-427) where the affected AMD utilities fail to validate DLL search paths during OpenSSL library initialization. No active exploitation confirmed (not in CISA KEV) and no public exploit code identified at time of analysis, though the low attack complexity (AC:L) indicates straightforward exploitation once local access is obtained.
Null pointer dereference in the Linux kernel's AMD ASoC ACP3x audio driver (acp3x-rt5682-max9836) allows a local low-privileged user on affected hardware to crash the kernel. The flaw originates in acp3x_5682_init(), which failed to validate the return value of clk_get() before passing it to rt5682_clk_enable(), meaning an error pointer could be dereferenced directly. No public exploit identified at time of analysis and the EPSS score of 0.02% (7th percentile) reflects extremely low exploitation interest; this vulnerability is not listed in the CISA KEV catalog.
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality and integrity.
Null pointer dereference in the Linux kernel's ASoC AMD ACP machine-common driver can be triggered by a local authenticated user to crash the kernel, resulting in a denial of service. The functions acp_card_rt5682_init() and acp_card_rt5682s_init() in sound/soc/amd/acp/acp-mach-common.c fail to validate the return value of clk_get(), allowing an invalid error pointer to be dereferenced by downstream clock core functions. No public exploit code exists and no active exploitation has been confirmed; EPSS probability stands at 0.02% (5th percentile), reflecting very low real-world exploitation likelihood.
Memory leak and denial-of-service in the Linux kernel macb network driver (used in AMD ZynqMP platforms) allows local authenticated users to cause prolonged network disruption and system resource exhaustion. The flaw manifests during suspend/resume cycles when the transmit ring pointer resets incorrectly, silently dropping queued packets without releasing their memory, and causing the driver to become stuck waiting for already-transmitted packets. Real-world impact observed in NFS rootfs recovery delays. EPSS score of 0.02% (7th percentile) indicates low exploitation likelihood. Vendor patches available across multiple stable kernel branches (6.1.167, 6.6.130, 6.12.78, 6.18.20, 6.19.9).
A NULL pointer dereference in Linux kernel AMD GPU driver cleanup code causes local denial of service when GPU initialization fails on systems with unsupported AMD hardware blocks. Local authenticated users with low privileges can trigger kernel crashes during device teardown sequences. The vulnerability affects multiple stable kernel versions (6.18.16-6.18.19, 6.19.6-6.19.9) with patches available from upstream. EPSS score of 0.02% (4th percentile) indicates very low observed exploitation probability, and no active exploitation or public exploits are confirmed. Real-world impact is limited to systems with specific AMD GPU hardware experiencing initialization failures, making this primarily a reliability issue rather than a direct security threat.
Null pointer dereference in Linux kernel's AMD DRM driver causes system crash during device cleanup on unsupported hardware. The flaw (CWE-476) affects multiple 6.18.x and 6.19.x kernel versions, allowing local authenticated users to trigger denial of service through AMD GPU driver initialization or cleanup operations. Patches available via kernel stable tree commits with EPSS score of 0.02% indicating minimal exploitation likelihood. No active exploitation or public POC identified at time of analysis.
NULL pointer dereference in the Linux kernel's AMD display driver (DRM subsystem) allows local authenticated users to crash the system via dcn401_init_hw() function. Affects kernel 6.12 through 7.0-rc6, specifically the DCN 4.01 hardware sequencer in amdgpu driver. Vendor patches available for stable branches (6.18.22, 6.19.12, 7.0). EPSS exploitation probability is very low (0.02%, 4th percentile), indicating minimal real-world threat despite moderate CVSS score. Not listed in CISA KEV, and no public exploit code identified at time of analysis.
A null pointer dereference in the AMD Display Core driver's DSC (Display Stream Compression) handling for eDP panels causes local system crashes on Linux kernel 6.12 through 7.0-rc5. The vulnerability stems from missing function hook validation before use, allowing local authenticated users with low privileges to trigger a high-severity denial-of-service condition. Patches available across kernel 6.12.75, 6.18.16, 6.19.6, and 7.0 stable branches. EPSS score of 0.02% (5th percentile) indicates minimal observed exploitation activity, and no KEV listing or public POC identified at time of analysis.
Denial of service via system hang in Linux kernel's AMD display driver occurs when the DMUB hardware lock evaluation mismatches between lock acquisition and release in the HWSS fast path, affecting ASIC variants without FAMS support. Local authenticated attackers can trigger this condition through display operations, causing a hang with high availability impact. Patch available in stable releases 6.19.6 and 7.0; EPSS score of 0.02% indicates low real-world exploitation probability despite KEV status.
Denial of service in Linux kernel drm/amdgpu driver (VCNv2.5) affects virtual function (VF) GPU environments running kernel versions prior to 6.18.16, 6.19.6, and 7.0. During module unload or system deinitialization, VF configurations trigger a kernel warning and potential crash when attempting to release an uninitialized VCN poison interrupt handler. EPSS exploitation probability is very low (0.02%, 4th percentile) with no public exploit or active exploitation (not in CISA KEV). Vendor patches available across multiple stable kernel branches via upstream commits.
AMD IOMMU completion wait operations in the Linux kernel can trigger soft lockups under high load when strict mode is enabled (iommu.strict=1). The vulnerability stems from busy-waiting inside a spinlock with interrupts disabled, causing kernel responsiveness issues and potential denial of service on systems with AMD IOMMU hardware. Patches are available across multiple kernel stable branches (6.6.128, 6.12.75, 6.18.16, 6.19.6, 7.0). EPSS score is low (0.02%, 5th percentile) with no confirmed active exploitation or public POC identified at time of analysis.
A denial of service vulnerability in the Linux kernel's AMD display driver (drm/amd/display) allows local authenticated users to crash the system by accessing link encoder functionality on DisplayPort over USB-C (DPIA) links without proper signal type validation. The vulnerability affects kernel versions before the patches released in stable branches 6.12.75, 6.18.16, 6.19.6, and 7.0. No public exploit code has been identified, and real-world exploitation probability is very low (EPSS 0.02%), suggesting this is primarily an edge-case denial of service affecting specific hardware configurations with DPIA displays.
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: serialize sequence allocation under concurrent TLB invalidations With concurrent TLB invalidations, completion wait randomly gets timed out because cmd_sem_val was incremented outside the IOMMU spinlock, allowing CMD_COMPL_WAIT commands to be queued out of sequence and breaking the ordering assumption in wait_on_sem(). Move the cmd_sem_val increment under iommu->lock so completion sequence allocation is serialized with command queuing. And remove the unnecessary return.
Denial of service in Linux kernel PCI endpoint configfs interface allows local attackers with low privileges to crash the kernel via swapped parameters in pci_primary_epc_epf_unlink() and pci_secondary_epc_epf_unlink() functions. When executing the unlink command in configfs, incorrect parameter ordering causes invalid memory access and kernel panic. CVSS 5.5 (local, low complexity, low privilege) with EPSS 0.02% suggests limited real-world exploitation despite confirmed availability of patches across multiple kernel branches.
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35 [Why] A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to remain stuck. The OTG being stuck can lead to a hang in the DCHVM's ability to ACK invalidations when it thinks the HUBP is still on but it's not receiving global sync. The transition to PLL_ON needs to be atomic as there's no guarantee that the thread isn't pre-empted or is able to complete before the IOMMU watchdog times out. [How] Backport the implementation from dcn401 back to dcn35. There's a functional difference in when the eDP output is disabled in dcn401 code so we don't want to utilize it directly.
Null pointer dereference in the Linux kernel AMD power management (drm/amd/pm) subsystem causes denial of service when SMU (System Management Unit) is disabled during RAS (Reliability, Availability, and Serviceability) initialization. Local authenticated attackers with low privileges can trigger this crash on affected systems, resulting in kernel panic and system unavailability. EPSS exploitation probability is very low (0.02%), indicating this requires specific configuration and local access.
Kernel NULL pointer dereference in AMD GPU driver on systems with 64KB page sizes allows local authenticated attackers to crash the system by triggering memory allocation mismatches between reserved trap area (8KB) and required allocation size (128KB) during GPU memory initialization. The vulnerability affects systems running ROCm workloads and causes denial of service when executing rocminfo or rccl unit tests on IBM POWER10 and similar 64K-page architectures. EPSS exploitation probability is very low (0.02%), and no public exploit code or active in-the-wild exploitation has been identified.
A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality.
Use-after-free in Linux kernel AMD GPU driver allows local authenticated users to potentially execute arbitrary code, escalate privileges, or cause denial of service. The amdgpu_amdkfd_submit_ib() function in the AMD KFD (Kernel Fusion Driver) prematurely releases a DMA fence reference before waiting on it, creating a race condition where the fence memory may be freed before use. Vendor-released patches are available for multiple stable kernel branches (6.1.168, 6.6.131, 6.12.80, 6.18.21, 6.19.11, 7.0). EPSS exploitation probability is very low at 0.02% (7th percentile), and no public exploit or active exploitation has been identified at time of analysis.
Use-after-free in Linux kernel AMD display driver allows local authenticated users to execute arbitrary code, corrupt memory, or cause denial of service. Affects systems with AMD graphics using Display Stream Compression (DSC) and multi-stream transport (MST), particularly laptops with integrated displays and external DP-MST monitors. The vulnerability arises when mode changes occur simultaneously with DSC reconfigurations, causing improper stream lifecycle management. Vendor patch available across multiple kernel versions (6.12.80, 6.18.21, 6.19.11, 7.0). EPSS score of 0.02% indicates low exploitation probability in the wild, with no CISA KEV listing or public exploit identified at time of analysis.
Memory leak in AMD display driver (amdgpu_dm) on Linux kernel allows local authenticated attackers to cause denial of service by exhausting kernel memory when display sinks are connected and the system resumes from sleep. The vulnerability arises from failure to free previously allocated drm_edid structures before overwriting them, and is confirmed in kernel versions up to 7.0 RC5 with EPSS exploitation probability of 0.02% indicating low real-world exploitation likelihood.
Denial of service via null pointer dereference in AMD display driver backlight setup affects Linux kernel versions 6.19 through 7.0-rc5 when LVDS connectors are present without extended backlight capabilities. Local authenticated users with low privileges can trigger a crash by accessing backlight controls on affected systems, causing system instability. Patch available from vendor with EPSS score of 0.02% indicating low real-world exploitation probability.
Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.
Missing lock check in AMD Platform Security Processor in AMD EPYC™ 9005 Series CPUs allows a privileged attacker to potentially impact guest confidentiality via local access.
Race condition in Samsung Exynos Wi-Fi drivers enables local privilege escalation to kernel execution via double-free memory corruption. Affects 11 mobile and wearable processors (Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, W1000). Local attackers with low privileges can trigger memory corruption by racing ioctl calls across threads, achieving high confidentiality, integrity, and availability impact. EPSS score of 0.02% (5th percentile) suggests minimal real-world exploitation likelihood despite CVSS 7.0 severity. No public exploit identified at time of analysis.
Linux kernel NULL pointer dereference in the x86 PMU NMI handler on AMD EPYC systems causes denial of service when perf event unthrottling races with PMU rescheduling. The vulnerability stems from commit 7e772a93eb61 moving event pointer initialization later in x86_pmu_enable(), allowing the unthrottle path to set active_mask bits without populating the corresponding events[] array entries, leading to NULL pointer dereference when subsequent PMC overflow interrupts fire. No public exploit code identified at time of analysis; patch fixes are available in upstream Linux kernel stable branches.
The Handlebars npm package precompiler (bin/handlebars) allows arbitrary JavaScript injection through unsanitized string concatenation in four distinct code paths: template filenames, namespace option (-n), CommonJS path option (-c), and AMD path option (-h). Attackers who can control template filenames or CLI arguments can inject code that executes when the generated JavaScript bundle is loaded in Node.js or browser environments. Publicly available exploit code exists with multiple proof-of-concept vectors demonstrated, including file system manipulation via require('fs'). CVSS 8.3 reflects local attack vector requiring low privileges and user interaction, with changed scope allowing high confidentiality, integrity, and availability impact.
Attested TLS relay attacks in Cocos AI confidential computing system versions 0.4.0 through 0.8.2 enable attackers to impersonate genuine TEE-protected services on AMD SEV-SNP and Intel TDX platforms by extracting ephemeral TLS private keys and redirecting authenticated sessions. The architectural flaw allows an attacker with physical access or side-channel capabilities to relay attestation evidence to a different endpoint, breaking the authentication binding between the TEE and the client. No vendor-released patch is available; the vulnerability affects a specialized confidential computing platform with low EPSS probability (formal EPSS score not provided in input) and no public exploit identified at time of analysis, though formal ProVerif verification confirms the attack feasibility.
A logic error in the Linux kernel's AMD GPU driver causes system crashes when two AMD GPUs are present and only one supports ASPM (Active State Power Management). The vulnerability stems from a commit that was erroneously reapplied after being removed in a prior refactoring, leading to incorrect ASPM state evaluation across multiple devices. Systems running affected Linux kernel versions with heterogeneous AMD GPU configurations (mixed ASPM support) will experience denial of service through kernel crashes.
AMD GPU drivers on Linux systems fail to prevent MMIO register access during SMU Mode 1 reset, allowing incomplete PCIe transactions that can trigger NMI panics or system hangs. A local attacker with driver interaction capabilities could exploit this to cause a denial of service by accessing registers while the device is offline. The vulnerability affects Linux kernel implementations with AMD PM functionality and currently lacks an available patch.
In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVM_IRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvm_arch_irq_bypass_del_producer() on x86 and arm64, which explicitly look for KVM_IRQ_ROUTING_MSI.
Memory leak in AMD ASoC PDM DMA operations allows local attackers with user-level privileges to cause denial of service through resource exhaustion on affected Linux systems. The vulnerability persists as no patch is currently available, leaving vulnerable systems at continued risk of system instability or crash from cumulative memory consumption.
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.
Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.
Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.