Memory Corruption Vulnerability in AMD Platform Management Framework
CVE-2025-29938

7.1HIGH

Key Information:

Vendor: Amd
Status: Amd Ryzen™ 7035 Series Processors With Radeon™ Graphics (formerly Codenamed "rembrandt R"); Amd Ryzen™ 7040 Series Mobile Processors With Radeon™ Graphics (formerly Codenamed "phoenix"); Amd Ryzen™ 8040 Series Mobile Processors With Radeon™ Graphics (formerly Codenamed "hawk Point"); Amd Ryzen Embedded 8000 Series Processors
Vendor: CVE Published:; 15 May 2026

What is CVE-2025-29938?

The AMD Platform Management Framework (PMF) contains a memory corruption vulnerability due to an unchecked return value. This flaw could potentially allow an attacker to manipulate memory, leading to denial of service or arbitrary code execution. Implementing robust input validation safeguards against such vulnerabilities is critical for maintaining system security.

Affected Version(s)

AMD Ryzen Embedded 8000 Series Processors AMD Ryzen™ Chipset Driver 7.06.02.123

AMD Ryzen™ 7035 Series Processors with Radeon™ Graphics (formerly codenamed "Rembrandt R") 7.06.02.123

AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics (formerly codenamed "Phoenix") 7.06.02.123

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
Mar 12, 2025

Credit

Reported through AMD Bug Bounty Program

CVE-2025-29938 Data

JSON