Insufficient Parameter Sanitization in TEE SOC Driver by AMD
CVE-2025-0034

4.7MEDIUM

Key Information:

Vendor: Amd
Status: Amd Instinct™ Mi300x; Amd Instinct™ Mi325x
Vendor: CVE Published:; 6 September 2025

What is CVE-2025-0034?

The TEE SOC Driver from AMD is susceptible to insufficient parameter sanitization, allowing attackers to send malformed commands. This flaw could enable unauthorized access to memory regions, leading to reading or writing beyond allocated arrays. Consequently, it undermines the integrity of the platform and may trigger a denial of service, potentially disrupting normal operations.

Affected Version(s)

AMD Instinct™ MI300X ROCm 6.3

AMD Instinct™ MI325X ROCm 6.3

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2025
Vulnerability Reserved
Nov 21, 2024

Amd

What is CVE-2025-0034?

Affected Version(s)

References

CVSS V3.1

Timeline