Out-of-bounds Read in Amd Radeon™ Pro W7000 Series Graphics Products

CVE-2025-0044

An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentiality and availability.

Vulnerability class: Buffer Overflow

EPSS: 0.000 (3.8th percentile) — read the EPSS interpretation.

Affected products

Amd Radeon™ Pro W7000 Series Graphics Products — versions AMD Software: PRO Edition 24.Q2 (24.10.20)
Amd Radeon™ Rx 7000 Series Graphics Products — versions AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01)
Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics — versions AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
Amd Ryzen™ 8000 Series Desktop Processors — versions AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
Amd Ryzen™ 8040 Series Mobile Processors With Radeon™ Graphics — versions AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
Amd Ryzen™ Ai 300 Series Processors — versions AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
Amd Ryzen™ Al Max+ — versions AMD Software: Adrenalin Edition 24.7.1 (24.10.29.01), AMD Software: PRO Edition 24.Q2 (24.10.20)
Amd Ryzen™ Embedded 8000 Series Processors — versions Graphics driver: version 25.6.1, branch: 25.10.13.01. - Chipset version: 7.06.02.123

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

psirt@amd.com