Buffer overflow in Amd Epyc™ 4004 Series Processors

CVE-2025-0045

Improper Input validation in the AMD Secure Processor (ASP) PCI driver may allow a local attacker to create a buffer overflow condition, potentially resulting in a crash or denial of service

Vulnerability class: Buffer Overflow

EPSS: 0.000 (3.7th percentile) — read the EPSS interpretation.

Affected products

Amd Epyc™ 4004 Series Processors — versions AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
Amd Epyc™ 4005 Series Processors — versions AMD Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
Amd Epyc™ Embedded 4004 Series Processors — versions AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
Amd Epyc™ Embedded 4005 Series Processors — versions AM5 Windows Chipset Drivers with Digital Signature Fix (64284)
Amd Epyc™ Embedded 8004 Series Processors — versions Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
Amd Epyc™ Embedded 9005 Series Processors — versions Q4 - 2025 AMD Embedded Windows® Chipset drivers (71816)
Amd Ryzen™ 2000 Mobile Processors — versions AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
Amd Ryzen™ 3000 Series Desktop Processors — versions AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
Amd Ryzen™ 5000 Series Desktop Processors — versions AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0
Amd Ryzen™ 5000 Series Desktop Processor With Radeon™ Graphics — versions AMD Ryzen™ Chipset Driver 7.02.13.148 with PSP driver 5.38.0.0

Weakness classification (CWE)

CWE-120 — Buffer Copy without Checking Size of Input (Classic Buffer Overflow)

Buffer overflow in Amd Epyc™ 4004 Series Processors

Affected products

Weakness classification (CWE)

References