Input Validation Flaw in XOCL Driver Affects AMD Products
CVE-2025-0005

7.3HIGH

Key Information:

Vendor: Amd
Status: Xilinx Run Time (xrt)
Vendor: CVE Published:; 24 November 2025

What is CVE-2025-0005?

A vulnerability has been identified in the XOCL driver due to improper input validation, allowing local attackers to exploit it. This flaw can lead to an integer overflow, which might result in unexpected behaviors such as crashes or denial of service. It is crucial for users to be aware of this vulnerability and ensure they take appropriate security measures to mitigate potential risks.

Affected Version(s)

Xilinx Run Time (XRT) 2025.1

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 24, 2025
Vulnerability Reserved
Oct 10, 2024

Credit

Reported through AMD Bug Bounty Program

JSON