Input Validation Flaw in XOCL Driver Affects AMD Products
CVE-2025-52538

8HIGH

Key Information:

Vendor: Amd
Status: Xilinx Run Time (xrt)
Vendor: CVE Published:; 24 November 2025

What is CVE-2025-52538?

An improper input validation issue in the XOCL driver allows a local attacker to create an integer overflow condition. This vulnerability poses risks to confidentiality and system availability, enabling potential exploitation that could affect the performance and security of AMD products.

Affected Version(s)

Xilinx Run Time (XRT) 2025.1

References

https://www.amd.com/en/resources/product-security/bulleti...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 24, 2025
Vulnerability Reserved
Jun 17, 2025

Credit

Reported through AMD Bug Bounty Program

JSON