CVE-2025-0034
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-06

Last updated on: 2025-09-08

Assigner: Advanced Micro Devices Inc.

Description
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-06
Last Modified
2025-09-08
Generated
2026-06-16
AI Q&A
2025-09-06
EPSS Evaluated
2026-06-14
NVD
CVE-2025-0034
EUVD
EUVD-2025-27085
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
amd amd_software_pro_edition 24.q1
amd radeon_pro_w7000 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is caused by insufficient parameter sanitization in the TEE SOC Driver. An attacker can send a malformed command (DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART) that causes the driver to read or write beyond the allocated array boundaries, which can lead to instability or compromise of the platform.

Impact Analysis

The vulnerability can result in a loss of platform integrity or cause a denial of service, potentially disrupting normal operation or allowing unauthorized actions on the affected system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-0034. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart