CVE-2025-0038

Medium CVSS: 6.6

In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.

Vendor

Product

CWE

CWE-1284

Yayın Tarihi

2025-10-06 17:16:03

Güncelleme

2025-10-08 19:38:32

Source Identifier

psirt@amd.com

KEV Date Added

Kategoriler

CWE-1284 MEDIUM 2025

Referanslar

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8008.html