CVE-2025-29952

Summary

Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 9005 Series ProcessorsTurinPI 1.0.0.6unaffected
AMDAMD EPYC™ Embedded 9005 Series ProcessorsEmbTurinPI-SP5_1.0.0.1unaffected

Weaknesses

  • CWE-457: CWE-457 Use of Uninitialized Variable

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References