Vulnerability in Amd Epyc™ 9005 Series Processors

CVE-2025-29946

Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory.

EPSS: 0.000 (0.4th percentile) — read the EPSS interpretation.

Affected products

Amd Epyc™ 9005 Series Processors — versions TurinPI 1.0.0.6
Amd Epyc™ Embedded 9005 Series Processors — versions EmbTurinPI-SP5_1.0.0.1

Weakness classification (CWE)

CWE-1301

References

www.amd.com/en/resources/product-security/bulletin/AMD-SB-3023.html