CVE-2025-0011
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-06
Last updated on: 2025-09-08
Assigner: Advanced Micro Devices Inc.
Description
Description
Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | radeon_pro_w7000 | * |
| amd | software_pro_edition | 23.40.20 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-212 | The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in AMD Crash Defender involves improper removal of sensitive information before storage or transfer. As a result, an attacker could obtain kernel address information, which may lead to a loss of confidentiality.
How can this vulnerability impact me? :
The vulnerability could allow an attacker with limited privileges to access sensitive kernel address information, potentially compromising the confidentiality of the system's internal memory layout. This could aid further attacks or exploitation.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70