CVE-2025-0038_CVE-2025-0038

6.6 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Description

In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.

Basic Information

ID CVE-2025-0038

Source AMD

Published Oct 6, 2025 at 16:08

Modified Oct 6, 2025 at 17:16

Affected Product

Vendor AMD

Product Kria(TM) SOM

Version PMU Firmware version TBD

Affected Versions AMD Kria(TM) SOM PMU Firmware version TBD
AMD Zynq UltraScale+ MPSoCs PMU Firmware version TBD
AMD Zynq UltraScale+ RFSoCs PMU Firmware version TBD

CWE Classification

CWE-1284

References

www.amd.com /en/resources/product-security/bulletin/amd-sb-8008.html

{
    "lastseen": "",
    "description": "In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality.",
    "published": "2025-10-06T16:08:59.227Z",
    "modified": "2025-10-06T17:16:22.921Z",
    "type": "cve",
    "title": "CVE-2025-0038",
    "source": "AMD",
    "references": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8008.html",
    "id": "CVE-2025-0038",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1284"
    ],
    "cvelist": null,
    "sourceData": "AMD Kria(TM) SOM PMU Firmware version TBD\nAMD Zynq UltraScale+ MPSoCs PMU Firmware version TBD\nAMD Zynq UltraScale+ RFSoCs PMU Firmware version TBD",
    "sourceHref": "",
    "cvss": {
        "score": 6.6,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Kria(TM) SOM",
    "version": "PMU Firmware version TBD",
    "vendor": "AMD",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}