Stack Memory Overwrite Vulnerability in AMD Products
CVE-2025-29950

7.1HIGH

Key Information:

Vendor: Amd
Status: Amd Epyc™ 9004 Series Processors; Amd Epyc™ 7003 Series Processors; Amd Epyc™ 7002 Series Processors; Amd Epyc™ 7001 Series Processors
Vendor: CVE Published:; 10 February 2026

What is CVE-2025-29950?

A vulnerability due to improper input validation in the system management mode (SMM) of various AMD products allows a privileged attacker to exploit this flaw. By leveraging the vulnerability, an attacker can overwrite stack memory, potentially leading to arbitrary code execution. This poses significant security risks, making it critical for users of impacted AMD products to update their systems and follow recommended security practices.

Affected Version(s)

AMD EPYC™ 7001 Series Processors NaplesPI 1.0.0.R

AMD EPYC™ 7002 Series Processors RomePI 1.0.0.N

AMD EPYC™ 7003 Series Processors MilanPI 1.0.0.H

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Mar 12, 2025

Credit

Reported through AMD Bug Bounty Program

CVE-2025-29950 Data

JSON

Amd

What is CVE-2025-29950?

Affected Version(s)

References

CVSS V4

Timeline

Credit