QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-0034

Back to search

CVE-2025-0034

Published: Sep 6, 2025

Modified: Sep 8, 2025

PUBLISHED

CVSS v3.1

4.7

MEDIUM

Description

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service.

VendorProductVersions

AMD

AMD Instinct™ MI300X

unaffected
ROCm 6.3

AMD

AMD Instinct™ MI325X

unaffected
ROCm 6.3

Weaknesses (CWE)

CWE-787

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now