CVE-2025-0044

Description

An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentiality and availability.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

Low

Attack Requirements

None

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

Low

Integrity (Vulnerable System)

None

Availability (Vulnerable System)

Low

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

AMD / AMD Radeon™ PRO W7000 Series Graphics ProductsAMD Software: PRO Edition 24.Q2 (24.10.20) – AMD Software: PRO Edition 24.Q2 (24.10.20)
AMD / AMD Radeon™ RX 7000 Series Graphics ProductsAMD Software: Adrenalin Edition 24.7.1 (24.10.29.01) – AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
AMD / AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ GraphicsAMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20) – AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
AMD / AMD Ryzen™ 8000 Series Desktop ProcessorsAMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20) – AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
AMD / AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ GraphicsAMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20) – AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
AMD / AMD Ryzen™ AI 300 Series ProcessorsAMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20) – AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
AMD / AMD Ryzen™ Al Max+AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20) – AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
AMD / AMD Ryzen™ Embedded 8000 Series ProcessorsGraphics driver: version 25.6.1, branch: 25.10.13.01. - Chipset version: 7.06.02.123 – Graphics driver: version 25.6.1, branch: 25.10.13.01. - Chipset version: 7.06.02.123

References

MISChttps://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html