AMD Graphics Vulnerabilities – August 2025
Summary
Audits performed on AMD graphics and datacenter accelerator products, as well as external reports received by AMD, uncovered potential vulnerabilities affecting AMD graphics, datacenter, and some client processors.
CVE Details
Refer to Glossary for explanation of terms
CVE |
CVE Description |
CVSS Score |
CVE-2024-36312 |
Improper isolation of VCN-JPEG HW memory space control register could allow a malicious guest VM to perform an unauthorized write to that register to gain arbitrary read/write access to the host and other guest VM physical memory. |
8.8 High CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 8.5 High CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
CVE-2024-36342 |
Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow, potentially resulting in arbitrary code execution. |
8.8 (High) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 8.4 (High) CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N |
CVE-2023-31322 |
Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability Trusted Application (RAS TA), potentially leading to a read or write to shared memory, resulting in loss of confidentiality, integrity, or availability. (Note: Impact is limited to AMD Radeon™ 7000 and AMD Radeon™ Pro W7000 series graphics cards). |
8.7 (High) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L 9.3 (Critical) CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L |
CVE-2024-36352 |
Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or denial of service. |
8.4 (High) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H 6.2 (Medium) CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H |
CVE-2021-26383 |
Insufficient bounds checking in AMD Trusted Execution Environment (TEE) could allow an attacker with a compromised userspace to invoke a command with malformed arguments, leading to out of bounds memory access, potentially resulting in loss of integrity or availability. |
7.9 (High) CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H 6.8 (Medium) CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N |
CVE-2023-31325 |
Improper isolation of shared resources on a System-on-a-Chip (SOC) could allow a privileged attacker to tamper with the contents of the PSP reserved DRAM region, potentially resulting in loss of confidentiality and integrity. |
7.2 High CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N 7.0 High CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N |
CVE-2025-0010 |
An out of bounds write in the graphics driver for Linux® could allow an attacker to overflow the buffer, potentially resulting in loss of confidentiality, integrity, or availability. |
6.1 (Medium) CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H 6.9 (Medium) CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N |
CVE-2024-36346 |
Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition. |
6.0 Medium CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H 6.8 Medium CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H |
CVE-2025-0009 |
NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file, potentially resulting in a system crash and loss of availability. |
5.5 (Medium) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 6.8 (Medium) CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
CVE-2025-0034 |
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service. |
4.7 (Medium) CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H 5.6 (Medium) CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N |
CVE-2021-26377 |
Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service. |
4.1 (Medium) CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H 5.6 (Medium) CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
|
An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area, resulting in loss of integrity or availability. |
3.9 (Low) CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L 1.8 (Low) CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L |
CVE-2025-0011 |
Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information, potentially resulting in loss of confidentiality. |
3.3 (Low) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 4.8 (Medium) CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
CVE-2023-20516 |
Improper handling of insufficiency privileges in the AMD Secure Processor (ASP) could allow a privileged attacker to modify Translation Map Registers (TMRs), potentially resulting in loss of confidentiality or integrity. |
3.3 (Low) CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N 2.1 (Low) CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
CVE-2023-31306 |
Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions, resulting in an out of bounds read and loss of availability. |
3.3 (Low) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 4.8 (Medium) CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
|
CVE-2021-46745 |
Insufficient input validation in ASP and the system driver may allow an attacker to send malformed structures, causing memory corruption, potentially leading to loss of memory integrity. |
3.0 (Low) CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N 1.8 (Low) CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
CVE-2021-46750 |
Failure to validate the address and size in Trusted Execution Environment (TEE) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox, resulting in an overlap of a Trusted Memory Region (TMR) that was previously allocated by the ASP bootloader, potentially leading to a loss of integrity. |
3.0 (Low) CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N 1.8 (Low) CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
CVE-2023-31326 |
Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality. |
2.8 (Low) CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N 2 (Low) CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
Affected Products and Mitigation
AMD released mitigations and recommends updating to the drivers below.
Data Center Graphics
Product |
CVE ID |
Mitigation |
Release Date |
AMD Instinct™ MI210 AMD Instinct™ MI250 |
CVE-2021-467451 |
ROCm™ 6.4 |
2025-04-11 |
MU4 |
2025-05-13 |
||
CVE-2023-31326 CVE-2021-26383 CVE-2024-36342 |
ROCm 6.4 |
2025-04-11 |
|
CVE-2023-20516 CVE-2025-0010 |
ROCm 6.3 |
2024-12-03 |
|
AMD Instinct™ MI300A |
CVE-2024-36342 |
ROCm 6.4 |
2025-04-11 |
CVE-2025-0010 CVE-2024-36312 |
ROCm 6.3 |
2024-12-03 |
|
CVE-2024-36346 |
BKC 21 |
2024-11-12 |
|
AMD Instinct™ MI300X |
CVE-2024-36342 |
ROCm 6.4 |
2025-04-11 |
CVE-2025-0010 CVE-2025-0034 CVE-2024-36312 |
ROCm 6.3 |
2024-12-03 |
|
CVE-2024-36346 |
BKC 24.13 |
2024-09-27 |
|
AMD Instinct™ MI308X |
CVE-2024-36342 |
ROCm 6.4 |
2025-04-11 |
AMD Instinct™ MI325X |
CVE-2024-36342 |
ROCm 6.4 |
2025-04-11 |
CVE-2025-0034 |
ROCm 6.3 |
2024-12-03 |
- Both MU4 and ROCm™ 6.4 are required to mitigate CVE-2021-46745. There is no required order for applying the mitigations.
Note: If you need support for MI100 products, contact your AMD Customer Engineering representative.
AMD Radeon™ Graphics Cards
Program |
CVE ID |
Mitigation |
AMD Radeon™ Instinct™ MI25 Graphics Products |
CVE-2021-26377 |
Contact your AMD Customer Engineering representative |
CVE-2023-20511 |
||
CVE-2023-20516 |
||
CVE-2024-36352 |
||
AMD Radeon™ PRO V520 Graphics Products |
CVE-2021-26377 |
Contact your AMD Customer Engineering representative |
CVE-2023-20516 |
||
CVE-2021-26383 |
||
CVE-2023-31306 |
||
CVE-2024-36352 |
||
CVE-2025-0009 |
||
CVE-2025-0010 |
||
CVE-2025-0011 |
||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 (2025-05-21) |
|
AMD Radeon™ PRO V620 Graphics Products |
CVE-2021-26377 |
Contact your AMD Customer Engineering representative |
CVE-2021-26383 |
||
CVE-2021-46750 |
||
CVE-2023-20511 |
||
CVE-2023-20516 |
||
CVE-2023-31306 |
||
CVE-2023-31308 |
||
CVE-2024-36352 |
||
CVE-2025-0009 |
||
CVE-2025-0010 |
||
CVE-2025-0011 |
||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 (2025-05-21) |
|
AMD Radeon™ PRO V710 Graphics Products |
CVE-2023-31326 |
Contact your AMD Customer Engineering representative |
CVE-2025-0010 |
||
CVE-2025-0011 |
||
CVE-2023-31365 |
||
CVE-2024-36352 |
||
CVE-2025-0009 |
||
CVE-2025-48508 |
||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 (2025-05-21) |
Program |
CVE |
Fix Version |
Date Fix Released |
|||
AMD Radeon™ RX 5000 Series Graphics Products |
CVE-2024-36352 |
AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01 RDNA) |
2024-11-26 |
|||
CVE-2025-0009 |
AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01) |
2024-11-26 |
||||
CVE-2025-0011 |
||||||
CVE-2021-26377 |
AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01) |
2024-07-25 |
||||
CVE-2021-26383 |
AMD Software: Adrenalin Edition 23.2.1 (22.40.01.45) |
2023-03-15 |
||||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 |
2025-05-21 |
||||
CVE-2025-0010 |
Radeon Software for Linux 24.30.2 |
2025-01-30 |
||||
CVE-2023-31306 |
No fix planned1 |
N/A |
||||
AMD Radeon™ RX 6000 Series Graphics Products |
CVE-2024-36352 |
AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01 RDNA) |
2024-11-26 |
|||
CVE-2025-0011 |
AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01) |
2024-10-18 |
||||
CVE-2023-31306 |
||||||
CVE-2025-0009 |
||||||
CVE-2021-26377 |
AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01) |
2024-07-25 |
||||
CVE-2021-46750 |
AMD Software: Adrenalin Edition 23.12.1 (23.30.13.01) |
2023-12-12 |
||||
CVE-2021-26383 |
AMD Software: Adrenalin Edition 23.2.1 (22.40.01.45) |
2023-03-15 |
||||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 |
2025-05-21 |
||||
CVE-2025-0010 |
Radeon Software for Linux 24.30.2 |
2025-01-30 |
||||
AMD Radeon™ RX 7000 Series Graphics Products |
CVE-2024-36352 |
AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01 RDNA) |
2024-11-26 |
|||
CVE-2025-0009 |
AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01) |
2024-11-26 |
||||
CVE-2025-0011 |
2024-11-26 |
|||||
CVE-2023-31325 |
AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01) |
2024-07-19 |
||||
CVE-2023-31326 |
||||||
CVE-2023-31322 |
AMD Software: Adrenalin Edition 24.6.1 (24.10.21.01) |
2023-01-31 |
||||
CVE-2023-31365 |
AMD Software: Adrenalin Edition 24.1.1 (23.40.02) |
2023-11-30 |
||||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 |
2025-05-21 |
||||
CVE-2025-0010 |
Radeon Software for Linux 24.30.2 |
2025-01-30 |
||||
AMD Radeon™ RX 9000 Series Graphics Products |
CVE-2024-36342 | Radeon Software for Linux 25.10.1 |
2025-05-21 | |||
AMD Radeon™ PRO W5000 Series Graphics Products |
CVE-2024-36352 |
AMD Software: PRO Edition 24.Q4 (24.20.30 RDNA) |
2024-11-26 |
|||
CVE-2025-0009 |
||||||
CVE-2025-0011 |
||||||
CVE-2021-26377 |
AMD Software: PRO Edition 24.Q2 (24.10.20) |
2024-07-25 |
||||
CVE-2021-26383 |
AMD Software: PRO Edition 23.Q1 (22.40.37.05) |
2023-03-15 |
||||
CVE-2023-31306 |
No fix planned1 |
N/A |
||||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 |
2025-05-21 |
||||
CVE-2025-0010 |
Radeon Software for Linux 24.30.2 |
2025-01-30 |
||||
AMD Radeon™ PRO W6000 Series Graphics Products |
CVE-2024-36352 |
AMD Software: PRO Edition 24.Q4 (24.20.30 RDNA) |
2024-11-26 |
|||
CVE-2023-31306 |
AMD Software: PRO Edition 24.Q4(24.20.30) | 2024-12-11 2024-11-26 2024-11-26 |
||||
CVE-2025-0009 |
||||||
CVE-2025-0011 |
||||||
CVE-2021-26377 |
AMD Software: PRO Edition 24.Q2 (24.10.20) |
2024-07-25 |
||||
CVE-2021-46750 |
AMD Software: PRO Edition 23.Q4 (23.30.13.03) |
2023-12-12 |
||||
CVE-2021-26383 |
AMD Software: PRO Edition 23.Q1 (22.40.37.05) |
2023-03-15 |
||||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 |
2025-05-21 |
||||
CVE-2025-0010 |
Radeon Software for Linux 24.30.2 |
2025-01-30 |
||||
AMD Radeon™ PRO W7000 Series Graphics Products |
CVE-2024-36352 |
AMD Software: PRO Edition 24.Q4 (24.20.30 RDNA) |
2024-11-26 | |||
CVE-2025-0011 |
AMD Software: PRO Edition 24.Q4 (24.20.30) |
2024-11-26 | ||||
CVE-2025-0009 |
||||||
CVE-2023-31326 |
AMD Software: PRO Edition 24.Q2 (24.10.20) |
2024-07-03 | ||||
CVE-2023-31365 |
AMD Software: PRO Edition 24.Q1 (23.40.20) |
2024-03-26 | ||||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 |
2025-05-21 | ||||
CVE-2025-0010 |
Radeon Software for Linux 24.30.2 |
2025-01-30 | ||||
AMD Radeon™ PRO W7000 Series Graphics Products |
CVE-2023-31322 |
AMD Software: PRO Edition 24.Q2 (24.10.20) |
2024-07-03 |
|||
CVE-2023-31325 |
||||||
AMD Radeon™ RX Vega Series Graphics Cards |
CVE-2024-36352 |
AMD Software: Adrenalin Edition 24.10.1 (23.19.21.01 pre-RDNA) |
2024-12-11 | |||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 |
2025-05-21 | ||||
CVE-2025-0010 |
Radeon Software for Linux 24.30.2 |
2025-01-30 | ||||
AMD Radeon™ PRO VII |
CVE-2024-36352 |
AMD Software: PRO Edition 24.Q4 (23.19.21.01/23.19.21.04 pre-RDNA) |
2024-12-11 | |||
CVE-2024-36342 |
Radeon Software for Linux 25.10.1 |
2025-05-21 | ||||
CVE-2025-0010 |
Radeon Software for Linux 24.30.2 |
2025-01-30 | ||||
AMD Radeon™ RX Vega Series Graphics Cards AMD Radeon™ PRO VII |
CVE-2023-31306 |
No fix planned1 |
N/A | |||
- We have evaluated the vulnerability and determined that addressing it would pose a significant risk of regression and instability. Therefore, we will not be releasing a mitigation for this issue.
Client Processors
The below Client processors include integrated graphics. To apply the recommended graphics mitigations for your AMD Client processor, locate the graphics architecture supported by your processor below and then refer to the AMD Radeon™ Graphics Cards tables above for the mitigated version appropriate for your system.
AMD Athlon™ and AMD Ryzen™ Desktop Processors
Product |
Former Code Name |
Integrated AMD Radeon™ Graphics |
Mitigation |
AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics |
“Picasso” |
AMD Radeon™ RX Vega Series |
AMD Software: Refer to the AMD Radeon™ Graphics Cards tables above for the mitigated version appropriate for your system. |
AMD Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics |
“Renoir” |
AMD Radeon™ RX Vega Series AMD Radeon™ PRO VII Series |
|
AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics |
“Cezanne” |
AMD Radeon™ RX Vega Series |
|
AMD Ryzen™ 7000 Series Desktop Processors |
“Raphael” |
AMD Radeon™ RX 6000 Series |
|
AMD Ryzen™ 8000 Series Processors with Radeon™ Graphics |
“Phoenix” |
AMD Radeon™ RX 7000 Series AMD Radeon™ PRO W7000 Series |
|
AMD Ryzen™ 9000 Series Desktop Processors |
"Granite Ridge" |
AMD Radeon™ RX 6000 Series |
AMD Athlon™ and AMD Ryzen™ Mobile Processors
Product |
Former Code Name |
Integrated AMD Radeon™ Graphics |
Mitigation |
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics |
"Dali" |
AMD Radeon™ RX Vega Series |
AMD Software: Refer to the AMD Radeon™ Graphics Cards tables above for the mitigated version appropriate for your system. |
AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics |
“Picasso” |
AMD Radeon™ RX Vega Series |
|
AMD Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics |
“Dali” |
AMD Radeon™ RX Vega Series |
|
AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics |
“Renoir” |
AMD Radeon™ RX Vega Series AMD Radeon™ PRO VII Cards |
|
AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics |
“Barcelo” |
AMD Radeon™ RX Vega Series |
|
AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics |
“Lucienne” |
AMD Radeon™ RX Vega Series |
|
AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics |
“Cezanne” |
AMD Radeon™ RX Vega Series |
|
AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics |
“Rembrandt” |
AMD Radeon™ RX 6000 Series AMD Radeon™ PRO W6000 Series |
|
AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics |
“Mendocino” |
AMD Radeon™ RX 6000 Series |
|
AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics |
“Barcelo-R” |
AMD Radeon™ RX Vega Series |
|
AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics |
“Rembrandt-R” |
AMD Radeon™ RX 6000 Series AMD Radeon™ PRO W6000 Series |
|
AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics |
“Phoenix” |
AMD Radeon™ RX 7000 Series AMD Radeon™ PRO W7000 Series |
|
AMD Ryzen™ 7045 Series Mobile Processors |
“Dragon Range” |
AMD Radeon™ RX 6000 Series |
|
AMD Ryzen™ AI 300 Series Processor |
“Strix Point” |
AMD Radeon™ RX 7000 Series AMD Radeon™ PRO W7000 Series |
|
AMD Ryzen™ AI Max 300 Series Processors |
"Strix Halo" |
AMD Radeon™ RX 7000 Series AMD Radeon™ PRO W7000 Series |
|
AMD Ryzen™ 9000HX Series Processors |
"Fire Range" |
AMD Radeon™ RX 6000 Series |
|
AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics |
"Hawk Point" |
AMD Radeon™ RX 7000 Series AMD Radeon™ PRO W7000 Series |
|
AMD Ryzen™ Z1 Series Processors |
"Phoenix" |
AMD Radeon™ RX 7000 Series |
|
AMD Ryzen™ Z2 Series Processors |
"Hawk Point" “Strix Point” |
AMD Radeon™ RX 7000 Series |
|
AMD Ryzen™ Z2 Series Processors |
“Rembrandt” |
AMD Radeon™ RX 6000 Series |
Acknowledgement
AMD thanks researchers “rico65536” (CVE-2025-0010), Daniel Jampen and Nicola Stauffer (CVE-2024-36352), “pppwnnn” (CVE-2024-36342) and Aobo Wang of Chaitin Security Research Lab (CVE-2025-0011) for reporting these issues and engaging in coordinated vulnerability disclosure.
Internally found: CVE-2021-26377, CVE-2021-26383, , CVE-2021-46745, CVE-2021-46750, CVE-2023-20516, CVE-2023-31326, CVE-2025-0009, CVE-2025-0034
Revisions
| Revision Date | Description |
| 2025-08-12 | Initial publication |
DISCLAIMER
The information contained herein is for informational purposes only and is subject to change without notice. While every precaution has been taken in the preparation of this document, it may contain technical inaccuracies, omissions and typographical errors, and AMD is under no obligation to update or otherwise correct this information. Advanced Micro Devices, Inc. makes no representations or warranties with respect to the accuracy or completeness of the contents of this document, and assumes no liability of any kind, including the implied warranties of noninfringement, merchantability or fitness for particular purposes, with respect to the operation or use of AMD hardware, software or other products described herein. Any computer system has risks of security vulnerabilities that cannot be completely prevented or mitigated. No license, including implied or arising by estoppel, to any intellectual property rights is granted by this document. Terms and limitations applicable to the purchase or use of AMD’s products are as set forth in a signed agreement between the parties or in AMD's Standard Terms and Conditions of Sale.
AMD, the AMD Arrow logo, Instinct, Radeon, ROCm and combinations thereof are trademarks of Advanced Micro Devices, Inc. CVE and the CVE logo are registered trademarks of The MITRE Corporation. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries. Other product names used in this publication are for identification purposes only and may be trademarks of their respective companies.
Third party content may be licensed to you directly by the third party that owns the content and is not licensed to you by AMD. ALL LINKED THIRD-PARTY CONTENT IS PROVIDED ‘AS IS’ WITHOUT A WARRANTY OF ANY KIND. USE OF SUCH THIRD-PARTY CONTENT IS DONE AT YOUR SOLE DISCRETION AND UNDER NO CIRCUMSTANCES WILL AMD BE LIABLE TO YOU FOR ANY THIRD PARTY CONTENT. YOU ASSUME ALL RISK AND ARE SOLELY RESPONSIBILITY FOR ANY DAMAGES THAT MAY ARISE FROM YOUR USE OF THIRD-PARTY CONTENT.
© 2025 Advanced Micro Devices, Inc. All rights reserved.