CVE-2025-48511

Medium CVSS: 5.5

Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service.

Vendor

Amd

Product

Uprof

CWE

CWE-1285

Yayın Tarihi

2025-11-24 21:16:03

Güncelleme

2025-11-26 18:45:48

Source Identifier

psirt@amd.com

KEV Date Added

Kategoriler

CWE-1285 Uprof MEDIUM Amd 2025

Referanslar

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9019.html

Benzer Kayıtlar

High

CVE-2023-20548

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt…

High

CVE-2023-31324

A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify…

High

CVE-2025-48510

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confi…

Medium

CVE-2025-29933

Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a…

Medium

CVE-2025-48502

Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting…

High

CVE-2023-31359

Incorrect default permissions in the AMD Manageability API could allow an attacker to achieve privilege escalation, pote…