CNNVD-202509-949 Information
CNNVD ID
CNNVD-202509-949
Related CVE
- CNNVD Published: 2025-09-06
Description (Chinese)
AMD Embedded Processors等都是美国超威半导体(AMD)公司的产品。AMD Embedded Processors是一系列嵌入式高性能 GPU。AMD Client Processor是面向客户端设备(如个人电脑、笔记本电脑等)的处理器。AMD Server Processor是面向服务器市场的处理器产品,主要用于数据中心、云计算、高性能计算等领域。 AMD多款产品存在安全漏洞,该漏洞源于清理不当,可能导致本地管理员权限攻击者加载恶意CPU微码,影响x86指令执行的完整性。以下产品及版本受到影响:AMD Client Processor、AMD Server Processor和AMD Embedded Processors。
Description (English)
AMD Embeded Products and others are products of U.S. superconductor (AMD) companies. AMD Embeded Products is a set of embedded high-performance GPUs. AMD Clinic Processor is a processor for client-oriented devices such as personal computers, laptops, etc. AMD Server Processor is a processor product for the server market and is used mainly in the areas of data centres, cloud computing and high performance computing. There is a safety loophole in the AMD multi-products, which stems from inappropriate clean-up, which may lead local administrators to load malicious CPU microcodes with their attackers, affecting the integrity of the implementation of directive x86. The following products and versions were affected: AMD Clinic Processor, AMD Server Processor and AMD Embededed Procsors.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
超微半导体
Published
2025-09-06
Last Modified
2026-02-24
References
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3014.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html https://vigilance.fr/vulnerability/AMD-EPYC-Processor-multiple-vulnerabilities-dated-13-08-2025-47969
Patch
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html
Share on: