CVE-2025-29934

Summary

A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 9004 Series ProcessorsGenoa 1.0.0.Eunaffected
AMDAMD EPYC™ 9005 Series ProcessorsTurin 1.0.0.6unaffected
AMDAMD EPYC™ 8004 Series ProcessorsGenoa 1.0.0.Eunaffected
AMDAMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 v9 1.0.0.Bunaffected
AMDAMD EPYC™ Embedded 9004 Series Processors (formerly codenamed “Genoa”)EmbGenoaPI-SP5 1.0.0.Aunaffected
AMDAMD EPYC™ Embedded 9005 Series ProcessorsEmbTurinPI-SP5 1.0.0.1unaffected
AMDAMD EPYC™ Embedded 9004 Series Processors (formerly codenamed “Bergamo”)EmbGenoaPI-SP5 1.0.0.Aunaffected
AMDAMD EPYC™ Embedded 8004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.Aunaffected

Weaknesses

  • CWE-459: CWE-459 Incomplete Cleanup

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References