Local Privilege Escalation Vulnerability in AMD Products
CVE-2025-0029

1.8LOW

Key Information:

Vendor: Amd
Status: Amd Epyc™ 9005 Series Processors; Amd Epyc™ Embedded 9005 Series Processors
Vendor: CVE Published:; 10 February 2026

What is CVE-2025-0029?

This vulnerability involves improper handling of error conditions during host-induced faults. An attacker with local high privileges could exploit this flaw to selectively drop guest Direct Memory Access (DMA) writes, which may compromise the integrity of memory allocated to SEV-SNP guests. This presents a significant risk, as it could allow unauthorized access or manipulation of sensitive guest data.

Affected Version(s)

AMD EPYC™ 9005 Series Processors TurinPI 1.0.0.5

AMD EPYC™ Embedded 9005 Series Processors EmbTurinPI-SP5_1.0.0.0

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

1.8

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Nov 21, 2024

CVE-2025-0029 Data

JSON

Amd

What is CVE-2025-0029?

Affected Version(s)

References

CVSS V4

Timeline