NULL Pointer Dereference Vulnerability in AMD Crash Defender
CVE-2025-0009

5.5MEDIUM

Key Information:

Vendor

Amd
Status
Amd Ryzen™ 7035 Series Processor With Radeon™ Graphics
Amd Athlon™ 3000 Series Mobile Processors With Radeon™ Graphics
Amd Athlon™ 3000 Series Desktop Processors With Radeon™ Graphics
Amd Ryzen™ 7000 Series Desktop Processors
Vendor
CVE Published:
6 September 2025

What is CVE-2025-0009?

A vulnerability exists in AMD Crash Defender that allows a NULL pointer dereference. This flaw could enable an attacker to write a NULL output to a log file, potentially leading to a system crash and disruption of service. It is crucial for users of affected versions to take corrective measures to prevent the risk of system unavailability.

Affected Version(s)

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01), AMD Software: PRO Edition 24.Q4 (24.20.30)

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01), AMD Software: PRO Edition 24.Q4 (24.20.30)

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics AMD Software: Adrenalin Edition 24.10.1 (24.20.19.01), AMD Software: PRO Edition 24.Q4 (24.20.30)

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Reported through AMD Bug Bounty Program
.
CVE-2025-0009 : NULL Pointer Dereference Vulnerability in AMD Crash Defender