CVE-2025-29950

Summary

Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 9004 Series ProcessorsGenoaPI 1.0.0.Gunaffected
AMDAMD EPYC™ 7003 Series ProcessorsMilanPI 1.0.0.Hunaffected
AMDAMD EPYC™ 7002 Series ProcessorsRomePI 1.0.0.Nunaffected
AMDAMD EPYC™ 7001 Series ProcessorsNaplesPI 1.0.0.Runaffected
AMDAMD EPYC™ 9005 Series ProcessorsTurinPI 1.0.0.6unaffected
AMDAMD Instinct™ MI300AMI300A 1.0.0.Bunaffected
AMDAMD EPYC™ 9V64H ProcessorMI300C 1.0.0.2unaffected
AMDAMD Ryzen™ Threadripper™ PRO 3000WX ProcessorsChagallWSPI-sWRX8 1.0.0.Cunaffected
AMDAMD Ryzen™ Threadripper™ PRO 3000WX ProcessorsCastlePeakWSPI-sWRX8 1.0.0.Iunaffected
AMDAMD Ryzen™ Threadripper™ PRO 5000 WX-Series ProcessorsChagallWSPI-sWRX8 1.0.0.Cunaffected
AMDAMD Ryzen™ Threadripper™ 7000 ProcessorsStormPeakPI-SP6_1.0.0.1lunaffected
AMDAMD Ryzen™ Threadripper™ 7000 ProcessorsShimadaPeakPI-SP6_1.0.0.1unaffected
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsStormPeakPI-SP6_1.1.0.0junaffected
AMDAMD Ryzen™ Threadripper™ PRO 7000 WX-Series ProcessorsShimadaPeakPI-SP6_1.0.0.1unaffected
AMDAMD Ryzen™ Threadripper™ 9000 ProcessorsShimadaPeakPI-SP6_1.0.0.1unaffected
AMDAMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsShimadaPeakPI-SP6_1.0.0.1unaffected
AMDAMD EPYC™ Embedded 7003 Series ProcessorsEmbMilanPI-SP3 v9 1.0.0.Cunaffected
AMDAMD EPYC™ Embedded 9004 Series Processors (formerly codenamed “Genoa”)EmbGenoaPI-SP5 1.0.0.Bunaffected
AMDAMD EPYC™ Embedded 7002 Series ProcessorsEmbRomePI-SP3 1.0.0.Funaffected
AMDAMD EPYC™ Embedded 3000 Series ProcessorsSnowyOwl_SP4_SP4r2.1.1.0.Hunaffected
AMDAMD EPYC™ Embedded 9005 Series ProcessorsEmbTurinPI-SP5_1.0.0.1unaffected
AMDAMD EPYC™ Embedded 9004 Series Processors (formerly codenamed “Bergamo”)EmbGenoaPI-SP5 1.0.0.Bunaffected
AMDAMD EPYC™ Embedded 8004 Series ProcessorsEmbGenoaPI-SP5 1.0.0.Bunaffected

Weaknesses

  • CWE-1274: CWE-1274 Improper Access Control for Volatile Memory Containing Boot Code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References