Out of Bounds Write in Linux Graphics Driver Affects AMD Products
CVE-2025-0010

6.1MEDIUM

Key Information:

Vendor: Amd
Status: Amd Radeon™ Rx 5000 Series Graphics Products; Amd Radeon™ Rx 6000 Series Graphics Products; Amd Radeon™ Rx 7000 Series Graphics Products; Amd Radeon™ Rx Vega Series Graphics Cards
Vendor: CVE Published:; 6 September 2025

What is CVE-2025-0010?

An out of bounds write vulnerability in AMD's Linux graphics driver allows an attacker to exploit the buffer overflow issue. This exploitation may lead to potential loss of confidentiality, integrity, or availability of the system. Proper mitigation strategies and timely updates are essential to safeguarding systems against this vulnerability.

Affected Version(s)

AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Radeon Software for Linux 24.30.2

AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Radeon Software for Linux 24.30.2

AMD Instinct™ MI200 ROCm 6.3

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2025
Vulnerability Reserved
Oct 10, 2024

Credit

Reported through AMD Bug Bounty Program