CVE-2025-0038 (GCVE-0-2025-0038)
Vulnerability from cvelistv5
Published
2025-10-06 16:08
Modified
2025-10-06 17:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1284 - - Improper Validation of Specified Quantity in Input
Summary
In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | AMD | Kria(TM) SOM |
Version: PMU Firmware version TBD |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0038",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-06T17:00:56.364010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T17:16:22.921Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Kria(TM) SOM",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
},
{
"defaultStatus": "affected",
"product": "Zynq UltraScale+ MPSoCs",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
},
{
"defaultStatus": "affected",
"product": "Zynq UltraScale+ RFSoCs",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "PMU Firmware version TBD"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.\u003cbr\u003e"
}
],
"value": "In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 - Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-06T16:08:59.227Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8008.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-0038",
"datePublished": "2025-10-06T16:08:59.227Z",
"dateReserved": "2024-11-21T16:18:05.485Z",
"dateUpdated": "2025-10-06T17:16:22.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-0038\",\"sourceIdentifier\":\"psirt@amd.com\",\"published\":\"2025-10-06T17:16:03.100\",\"lastModified\":\"2025-10-08T19:38:32.610\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\",\"baseScore\":6.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":4.7}]},\"weaknesses\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1284\"}]}],\"references\":[{\"url\":\"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8008.html\",\"source\":\"psirt@amd.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0038\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-06T17:00:56.364010Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-06T17:00:58.497Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AMD\", \"product\": \"Kria(TM) SOM\", \"versions\": [{\"status\": \"affected\", \"version\": \"PMU Firmware version TBD\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"Zynq UltraScale+ MPSoCs\", \"versions\": [{\"status\": \"affected\", \"version\": \"PMU Firmware version TBD\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"AMD\", \"product\": \"Zynq UltraScale+ RFSoCs\", \"versions\": [{\"status\": \"affected\", \"version\": \"PMU Firmware version TBD\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8008.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1284\", \"description\": \"CWE-1284 - Improper Validation of Specified Quantity in Input\"}]}], \"providerMetadata\": {\"orgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"shortName\": \"AMD\", \"dateUpdated\": \"2025-10-06T16:08:59.227Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-0038\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-06T17:16:22.921Z\", \"dateReserved\": \"2024-11-21T16:18:05.485Z\", \"assignerOrgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"datePublished\": \"2025-10-06T16:08:59.227Z\", \"assignerShortName\": \"AMD\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…