Memory Access Vulnerability in AMD Zynq UltraScale+ Devices
CVE-2025-0038
6.6MEDIUM
Key Information:
- Vendor
Amd
- Vendor
- CVE Published:
- 6 October 2025
What is CVE-2025-0038?
A vulnerability exists in AMD Zynq UltraScale+ devices due to insufficient address validation when executing CSU runtime services via the PMU Firmware. This flaw can potentially enable unauthorized access to isolated or protected memory spaces, posing risks to both the integrity and confidentiality of the system. Users of affected devices are advised to take appropriate security measures.
Affected Version(s)
Kria(TM) SOM PMU Firmware version TBD
Zynq UltraScale+ MPSoCs PMU Firmware version TBD
Zynq UltraScale+ RFSoCs PMU Firmware version TBD