CVE-2025-29950

Description

Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

High

Attack Requirements

None

Privileges Required

High

User Interaction

None

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

AMD / AMD EPYC™ 7001 Series ProcessorsNaplesPI 1.0.0.R – NaplesPI 1.0.0.R
AMD / AMD EPYC™ 7002 Series ProcessorsRomePI 1.0.0.N – RomePI 1.0.0.N
AMD / AMD EPYC™ 7003 Series ProcessorsMilanPI 1.0.0.H – MilanPI 1.0.0.H
AMD / AMD EPYC™ 9004 Series ProcessorsGenoaPI 1.0.0.G – GenoaPI 1.0.0.G
AMD / AMD EPYC™ 9005 Series ProcessorsTurinPI 1.0.0.6 – TurinPI 1.0.0.6
AMD / AMD EPYC™ 9V64H ProcessorMI300C 1.0.0.2 – MI300C 1.0.0.2
AMD / AMD EPYC™ Embedded 3000 Series ProcessorsSnowyOwl_SP4_SP4r2.1.1.0.H – SnowyOwl_SP4_SP4r2.1.1.0.H
AMD / AMD EPYC™ Embedded 7002 Series ProcessorsEmbRomePI-SP3 1.0.0.F – EmbRomePI-SP3 1.0.0.F
AMD / AMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 v9 1.0.0.C – EmbMilanPI-SP3 v9 1.0.0.C
AMD / AMD EPYC™ Embedded 8004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.B – EmbGenoaPI-SP5 1.0.0.B
AMD / AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Bergamo")EmbGenoaPI-SP5 1.0.0.B – EmbGenoaPI-SP5 1.0.0.B
AMD / AMD EPYC™ Embedded 9004 Series Processors (formerly codenamed "Genoa")EmbGenoaPI-SP5 1.0.0.B – EmbGenoaPI-SP5 1.0.0.B
AMD / AMD EPYC™ Embedded 9005 Series ProcessorsEmbTurinPI-SP5_1.0.0.1 – EmbTurinPI-SP5_1.0.0.1
AMD / AMD Instinct™ MI300AMI300A 1.0.0.B – MI300A 1.0.0.B
AMD / AMD Ryzen™ Threadripper™ 7000 ProcessorsStormPeakPI-SP6_1.0.0.1l – StormPeakPI-SP6_1.0.0.1l
AMD / AMD Ryzen™ Threadripper™ 7000 ProcessorsShimadaPeakPI-SP6_1.0.0.1 – ShimadaPeakPI-SP6_1.0.0.1
AMD / AMD Ryzen™ Threadripper™ 9000 ProcessorsShimadaPeakPI-SP6_1.0.0.1 – ShimadaPeakPI-SP6_1.0.0.1
AMD / AMD Ryzen™ Threadripper™ PRO 3000WX ProcessorsCastlePeakWSPI-sWRX8 1.0.0.I – CastlePeakWSPI-sWRX8 1.0.0.I
AMD / AMD Ryzen™ Threadripper™ PRO 3000WX ProcessorsChagallWSPI-sWRX8 1.0.0.C – ChagallWSPI-sWRX8 1.0.0.C
AMD / AMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.C – ChagallWSPI-sWRX8 1.0.0.C
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsShimadaPeakPI-SP6_1.0.0.1 – ShimadaPeakPI-SP6_1.0.0.1
AMD / AMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6_1.1.0.0j – StormPeakPI-SP6_1.1.0.0j
AMD / AMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsShimadaPeakPI-SP6_1.0.0.1 – ShimadaPeakPI-SP6_1.0.0.1

CVE-2025-29950

Description

CVSS breakdown

Affected products

References