CVE-2025-29933

Medium CVSS: 5.5

Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service

Vendor

Product

CWE

Yayın Tarihi

2025-11-24 21:16:02

Güncelleme

2025-11-26 18:49:47

Source Identifier

psirt@amd.com

KEV Date Added

CWE-787 Uprof MEDIUM Amd 2025

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9019.html

High

CVE-2023-20548

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt…

High

CVE-2023-31324

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify…

High

CVE-2025-48510

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confi…

Medium

CVE-2025-48511

Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potenti…

Medium

CVE-2025-48502

Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting…

High

CVE-2023-31359

Incorrect default permissions in the AMD Manageability API could allow an attacker to achieve privilege escalation, pote…