CVE-2025-0032

Summary

Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution.

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 9005 Series ProcessorsTurinPI 1.0.0.4unaffected
AMDAMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.1bunaffected
AMDAMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5PI 1.2.0.3cunaffected
AMDAMD Ryzen™ 9000HX Series ProcessorsFireRangeFL1PI 1.0.0.0aunaffected
AMDAMD Ryzen™ Al Max+StrixHaloPI-FP11_1.0.0.1unaffected
AMDAMD Ryzen™ Threadripper™ 9000 seriesShimadaPeakPI-SP6 1.0.0.1unaffected
AMDAMD EPYC™ Embedded 9000 Series ProcessorsEmbturin PI 1.0.0.0unaffected

Weaknesses

  • CWE-459: CWE-459 Incomplete Cleanup

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References