Summaryinfo

A vulnerability, which was classified as problematic, was found in AMD EPYC 9005 Processors and EPYC Embedded 9005 Processors. The impacted element is an unknown function of the component SEV-SNP Guest Memory. The manipulation results in error condition. This vulnerability is identified as CVE-2025-0029. The attack is only possible with local access. There is not any exploit available. You should upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as problematic, was found in AMD EPYC 9005 Processors and EPYC Embedded 9005 Processors (affected version not known). Affected is some unknown functionality of the component SEV-SNP Guest Memory. The manipulation with an unknown input leads to a error condition vulnerability. CWE is classifying the issue as CWE-390. The product detects a specific error, but takes no actions to handle the error. This is going to have an impact on integrity. CVE summarizes:

Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity

The advisory is shared for download at amd.com. This vulnerability is traded as CVE-2025-0029 since 11/21/2024. The exploitability is told to be difficult. The attack needs to be approached locally. The exploitation needs additional levels of successful authentication. There are neither technical details nor an exploit publicly available.

Upgrading eliminates this vulnerability.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Vendor

• AMD

Name

• EPYC 9005 Processors
• EPYC Embedded 9005 Processors

License

• commercial

CPE 2.3info

• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion