CVE-2025-0036 | THREATINT

Description

In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data.

PUBLISHED Reserved 2024-11-21 | Published 2025-06-09 | Updated 2025-06-30 | Assigner AMD

LOW: 3.2CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

Problem types

CWE-682 Incorrect Calculation

CWE-772 Missing Release of Resource after Effective Lifetime

CWE-940 Improper Verification of Source of a Communication Channel

CWE-941 Incorrectly Specified Destination in a Communication Channel

CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Product status

Default status

affected

2025.1 release (custom)

unaffected

Default status

affected

2025.1 release

unaffected

Default status

affected

2025.1 release

unaffected

Default status

affected

2025.1 release

unaffected

Default status

affected

2025.1 release

unaffected

Default status

affected

2025.1 release

unaffected

Default status

affected

2025.1 release

unaffected

Default status

affected

2025.1 release

unaffected

References

www.amd.com/...es/product-security/bulletin/amd-sb-8011.html

cve.org (CVE-2025-0036)

nvd.nist.gov (CVE-2025-0036)

Download JSON

help @ threatint.eu