CVE-2025-66664

CVSS v4.0

4.6

Medium

Vector

AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID LOAD GFX IP FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2025-66664

Affected Products

Amd Instinct™ Mi210

Amd Instinct™ Mi250

Amd Instinct Mi300A

Amd Instinct™ Mi308X

Amd Instinct™ Mi325X

Amd Radeon™ Pro V520

Amd Radeon™ Pro V620

Amd Radeon™ Pro V710

Amd Radeon™ Pro W6000 Series Graphics Products

Amd Radeon™ Pro W7000 Series Graphics Products

Amd Radeon™ Rx 6000 Series Graphics Products

Amd Radeon™ Rx 7000 Series Graphics Products

CVE-2025-66664

Weakness Enumeration

Related Identifiers

Affected Products

References · 2