Memory Access Vulnerability in AMD Zynq UltraScale+ Devices
CVE-2025-0038

6.6MEDIUM

Key Information:

Vendor: Amd
Status: Kria(tm) Som; Zynq Ultrascale+ Mpsocs; Zynq Ultrascale+ Rfsocs
Vendor: CVE Published:; 6 October 2025

What is CVE-2025-0038?

A vulnerability exists in AMD Zynq UltraScale+ devices due to insufficient address validation when executing CSU runtime services via the PMU Firmware. This flaw can potentially enable unauthorized access to isolated or protected memory spaces, posing risks to both the integrity and confidentiality of the system. Users of affected devices are advised to take appropriate security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Kria(TM) SOM PMU Firmware version TBD

Zynq UltraScale+ MPSoCs PMU Firmware version TBD

Zynq UltraScale+ RFSoCs PMU Firmware version TBD

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 6, 2025
Vulnerability Reserved
Nov 21, 2024

JSON

Amd