Home

Description

In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.

PUBLISHED Reserved 2024-11-21 | Published 2025-10-06 | Updated 2025-10-06 | Assigner AMD




MEDIUM: 6.6CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Problem types

CWE-1284 - Improper Validation of Specified Quantity in Input

Product status

Default status
affected

PMU Firmware version TBD
affected

Default status
affected

PMU Firmware version TBD
affected

Default status
affected

PMU Firmware version TBD
affected

References

www.amd.com/...es/product-security/bulletin/amd-sb-8008.html

cve.org (CVE-2025-0038)

nvd.nist.gov (CVE-2025-0038)

Download JSON