Improper input validation in Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics (Formerly Codenamed "Rembrandt")

CVE-2025-29936

Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of co…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.000 (9.6th percentile) — read the EPSS interpretation.

Affected products

Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics (Formerly Codenamed "Rembrandt") — versions 7.06.02.123
Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics (Formerly Codenamed "Rembrandt R") — versions 7.06.02.123
Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics (Formerly Codenamed "Phoenix") — versions 7.06.02.123
Amd Ryzen™ 8040 Series Mobile Processors With Radeon™ Graphics (Formerly Codenamed "Hawk Point") — versions 7.06.02.123
Amd Ryzen™ Ai 300 Series Processors (Formerly Codenamed "Strix Point") — versions 7.06.02.123
Amd Ryzen™ Al Max+ — versions 7.06.02.123
Amd Ryzen™ Embedded 8000 Series Processors — versions amd_chipset_software_7.06.02.123.exe

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

psirt@amd.com