CVE-2025-29936 | THREATINT

Description

Improper input validation within the AMD Platform Management Framework (PMF) could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality.

PUBLISHED Reserved 2025-03-12 | Published 2026-05-15 | Updated 2026-05-15 | Assigner AMD

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-20 Improper Input Validation

Product status

Default status

affected

7.06.02.123

unaffected

Default status

affected

7.06.02.123

unaffected

Default status

affected

7.06.02.123

unaffected

Default status

affected

7.06.02.123

unaffected

Default status

affected

7.06.02.123

unaffected

Default status

affected

7.06.02.123

unaffected

Default status

affected

amd_chipset_software_7.06.02.123.exe

unaffected

Credits

Reported through AMD Bug Bounty Program

References

www.amd.com/...es/product-security/bulletin/AMD-SB-4015.html

cve.org (CVE-2025-29936)

nvd.nist.gov (CVE-2025-29936)

Download JSON