CNNVD-202509-951 Information
CNNVD ID
CNNVD-202509-951
Related CVE
- CNNVD Published: 2025-09-06
Description (Chinese)
AMD Embedded Processors等都是美国超威半导体(AMD)公司的产品。AMD Embedded Processors是一系列嵌入式高性能 GPU。AMD Client Processor是面向客户端设备(如个人电脑、笔记本电脑等)的处理器。AMD Server Processor是面向服务器市场的处理器产品,主要用于数据中心、云计算、高性能计算等领域。 AMD多款产品存在安全漏洞,该漏洞源于对DIMM串行存在检测元数据输入验证不当,可能导致攻击者绕过SMM隔离,在SMM级别执行任意代码。以下产品及版本受到影响:AMD Client Processor、AMD Server Processor和AMD Embedded Processors。
Description (English)
AMD Embeded Products and others are products of U.S. superconductor (AMD) companies. AMD Embeded Products is a set of embedded high-performance GPUs. AMD Clinic Processor is a processor for client-oriented devices such as personal computers, laptops, etc. AMD Server Processor is a processor product for the server market and is used mainly in the areas of data centres, cloud computing and high performance computing. There is a safety gap in a number of AMD products, which stems from the improper validation of the detection metadata input in the DIM serial, which could lead to the attackers bypassing the SMM and enforcing any code at the SMM level. The following products and versions were affected: AMD Clinic Processor, AMD Server Processor and AMD Embededed Procsors.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
超微半导体
Published
2025-09-06
Last Modified
2026-02-24
References
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3014.html https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-4012.html https://vigilance.fr/vulnerability/AMD-EPYC-Processor-multiple-vulnerabilities-dated-13-08-2025-47969
Patch
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-5007.html
Share on: