Buffer overflow in Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics

CVE-2025-29949

Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service.

Vulnerability class: Buffer Overflow

EPSS: 0.000 (6.1th percentile) — read the EPSS interpretation.

Affected products

Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics — versions PicassoPI-FP5_1.0.1.2c
Amd Ryzen™ 3000 Series Desktop Processors — versions ComboAM4v2PI_1.2.0.F, ComboAM4 1.0.0.F
Amd Ryzen™ 3000 Series Mobile Processors With Radeon™ Graphics — versions PicassoPI-FP5_1.0.1.2c
Amd Ryzen™ 4000 Series Desktop Processors — versions ComboAM4v2PI_1.2.0.F
Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics — versions RenoirPI-FP6_1.0.0.Ec
Amd Ryzen™ 5000 Series Desktop Processors — versions ComboAM4v2PI_1.2.0.F
Amd Ryzen™ 5000 Series Desktop Processors With Radeon™ Graphics — versions ComboAM4v2PI_1.2.0.F
Amd Ryzen™ 5000 Series Mobile Processors With Radeon™ Graphics — versions CezannePI-FP6_1.0.1.1c
Amd Ryzen™ 6000 Series Processors With Radeon™ Graphics — versions RembrandtPI-FP7_1.0.0.BD
Amd Ryzen™ 7020 Series Processors With Radeon™ Graphics — versions MendocinoPI-FT6_1.0.0.7c

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

www.amd.com/en/resources/product-security/bulletin/AMD-SB-4013.html