AMD Computer Hardware, Processor Manufacturer
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any AMD product.
RSS Feeds for AMD security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in AMD products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by AMD Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 43 vulnerabilities in AMD with an average score of 7.1 out of ten. Last year, in 2025 AMD had 41 security vulnerabilities published. That is, 2 more vulnerabilities have already been reported in 2026 as compared to last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.54.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 43 | 7.13 |
| 2025 | 41 | 6.59 |
| 2024 | 18 | 6.89 |
| 2023 | 9 | 6.63 |
| 2022 | 14 | 6.56 |
| 2021 | 36 | 6.35 |
| 2020 | 9 | 6.70 |
It may take a day or so for new AMD vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent AMD Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2023-31364 | Feb 26, 2026 |
AMD IOMMU VM DoS via Direct Memory WriteImproper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service. |
|
| CVE-2024-21961 | Feb 12, 2026 |
Guest VM PCIe Buffer Overrun Enables Host DoSImproper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability. |
|
| CVE-2025-54519 | Feb 12, 2026 |
Doc Nav DLL Hijacking Priv Esc via LocalA DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. |
|
| CVE-2023-31323 | Feb 12, 2026 |
CVE-2023-31323 AMD ASP Type Confusion: XGMI TA Memory SafetyType confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability. |
|
| CVE-2024-36319 | Feb 12, 2026 |
AMD VCN FW Debug Code Enables HW Register R/W ExploitDebug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system. |
|
| CVE-2023-20601 | Feb 12, 2026 |
RAS TA Driver OOB Memory Access (CVE-2023-20601)Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition. |
|
| CVE-2025-52533 | Feb 12, 2026 |
CVE-2025-52533: Improper AC in On-Chip Debug InterfaceImproper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity. |
|
| CVE-2023-31313 | Feb 12, 2026 |
AMD PMFW SMU ARX via Malformed Proxy MessagesAn unintended proxy or intermediary in the AMD power management firmware (PMFW) could allow a privileged attacker to send malformed messages to the system management unit (SMU) potentially resulting in arbitrary code execution. |
|
| CVE-2025-61969 | Feb 11, 2026 |
AMD Prof Privilege Escalation via Incorrect Permission AssignmentIncorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. |
|
| CVE-2025-52541 | Feb 11, 2026 |
DLL Hijacking in Vivado Design Suite - Privilege EscalationA DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. |
|
| CVE-2023-20548 | Feb 11, 2026 |
AMD Secure Processor TOCTOU Memory Corruption (CVE-2023-20548)A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability. |
|
| CVE-2023-31324 | Feb 11, 2026 |
AMD Secure Processor TOCTOU CVE-2023-31324: XGMI TA Command ModificationA Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to modify External Global Memory Interconnect Trusted Agent (XGMI TA) commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability. |
|
| CVE-2025-48518 | Feb 11, 2026 |
AMD Graphics Driver OOB Write via Improper Input Validation (Local)Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service. |
|
| CVE-2024-36320 | Feb 11, 2026 |
Integer Overflow in atihdwt6.sys (AMD Radeon Driver) WindowsInteger Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability |
|
| CVE-2023-20514 | Feb 11, 2026 |
AMD Secure Processor Parameter Leak Enables Arbitrary Code ExecImproper handling of parameters in the AMD Secure Processor (ASP) could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution |
|
| CVE-2024-36324 | Feb 11, 2026 |
AMD Graphics Driver Flaw Allows Pointer Abuse for Arbitrary CodeImproper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution. |
|
| CVE-2025-48508 | Feb 11, 2026 |
GPU GFX Hardware IP reset flow flaw allows privileged VM to crash hostImproper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service. |
|
| CVE-2024-36316 | Feb 11, 2026 |
AMD Graphics Driver Integer Overflow Bypass Size Checks DoSThe integer overflow vulnerability within AMD Graphics driver could allow an attacker to bypass size checks potentially resulting in a denial of service |
|
| CVE-2025-48503 | Feb 11, 2026 |
DLL Hijacking in AMD Software Installer (Priv Esc)A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. |
|
| CVE-2025-29951 | Feb 10, 2026 |
AMD ASP Bootloader Buffer Overflow Enables Priv EscalationA buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution. |
|
| CVE-2024-36311 | Feb 10, 2026 |
TOCTOU Race in SMM Communications Buffer Allowing Privileged Out-of-Bounds AccessA Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability. |
|
| CVE-2025-48515 | Feb 10, 2026 |
AMD ASP Boot Loader Param Sanitization Flaw Enables SPIROM Overwrite Arbitrary ExecInsufficient parameter sanitization in AMD Secure Processor (ASP) Boot Loader could allow an attacker with access to SPIROM upgrade to overwrite the memory, potentially resulting in arbitrary code execution. |
|
| CVE-2021-26410 | Feb 10, 2026 |
Improper Syscall Input Validation in AMD Secure Processor (ASP) Enables Kernel Memory DisclosureImproper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure. |
|
| CVE-2021-26381 | Feb 10, 2026 |
Android Trusted OS Syscall Param Validation Vulnerability (CVE-2021-26381)Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory corruption. |
|
| CVE-2025-29949 | Feb 10, 2026 |
AMD Secure Processor Boot Loader OOB Write via Unsanitized InputInsufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service. |
|
| CVE-2024-36355 | Feb 10, 2026 |
CVE-2024-36355: Ring0 SMM SMRAM Input Validation flaw for Wakeup ExecImproper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution. |
|
| CVE-2024-36310 | Feb 10, 2026 |
Intel SMM Buffer OOB Read/Write via Improper Input ValidationImproper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity. |
|
| CVE-2025-29946 | Feb 10, 2026 |
AMD SEV Firmware IOMMU Flush Failure Causing Guest Memory LeakageInsufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory. |
|
| CVE-2025-0029 | Feb 10, 2026 |
KVM SEV-SNP DMA Write Drop Local Privilege EscalationImproper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity |
|
| CVE-2025-0031 | Feb 10, 2026 |
AMD SEV Firmware UAF Allows Hypervisor Guest Activation AttackA use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity. |
|
| CVE-2025-48514 | Feb 10, 2026 |
Insuff Gran Access Control in AMD SEV Firmware Enables Privileged Guest CreationInsufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality. |
|
| CVE-2025-54514 | Feb 10, 2026 |
CVE-2025-54514 SoC Shared Resource Isolation Flaw Partial Integrity LossImproper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity. |
|
| CVE-2025-48509 | Feb 10, 2026 |
Missing RMP Init Checks Allow Local Admin to Corrupt Guest Memory IntegrityMissing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity |
|
| CVE-2025-52534 | Feb 10, 2026 |
Improper Bound Check in AMD CPU Microcode Enables Guest Write to Host MemoryImproper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity. |
|
| CVE-2025-0012 | Feb 10, 2026 |
Intel RMP/SMM Overlap May Corrupt Memory (CVE-2025-0012)Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality. |
|
| CVE-2025-29939 | Feb 10, 2026 |
SEV Improper Access Control in Secure Nested Paging (SNP)Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially resulting in a loss of guest memory confidentiality and integrity. |
|
| CVE-2024-21953 | Feb 10, 2026 |
IOMMU Improper Input Validation Lets Hypervisor Reconfigure RegistersImproper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity. |
|
| CVE-2025-29950 | Feb 10, 2026 |
CVE-2025-29950: Privileged SMM Input Validation Flaw Allows Code ExecImproper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution. |
|
| CVE-2025-29952 | Feb 10, 2026 |
AMD SEV Firmware Improper Init Corrupts RMP MemoryImproper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity |
|
| CVE-2025-52536 | Feb 10, 2026 |
AMD SEV Firmware Downgrade via Lock Bit ModificationImproper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity. |
|
| CVE-2025-48517 | Feb 10, 2026 |
Insufficient Access Control in SEV Firmware Enables ASID LeakageInsufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality. |
|
| CVE-2025-29948 | Feb 10, 2026 |
AMD SEV Firmware Improper Access Control Enables Hypervisor RMP BypassImproper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity. |
|
| CVE-2025-29943 | Jan 16, 2026 |
AMD CPU pipeline config flaw lets admin corrupt SEVSNP stack ptrWrite what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest. |
|
| CVE-2025-29933 | Nov 24, 2025 |
AMD uProf Local OOB Write via Improper Input ValidationImproper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service |
|
| CVE-2025-48511 | Nov 24, 2025 |
AMD uprof Local Arbitrary Physical Write via Improper ValidationImproper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service. |
|
| CVE-2025-48510 | Nov 24, 2025 |
AMD uProf return value flaw bypasses KSLRImproper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability. |
Uprof
|
| CVE-2025-52538 | Nov 24, 2025 |
CVE-2025-52538: XOCL Driver Integer Overflow Allowing Local AttackImproper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in loss of confidentiality or availability. |
|
| CVE-2025-0003 | Nov 24, 2025 |
Xilinx XRT UAF via inadequate lock protectionInadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-Free condition potentially resulting in loss of confidentiality or availability |
|
| CVE-2025-0007 | Nov 24, 2025 |
Xilinx Run Time (XRT) Framework RCE via Local Priv EscInsufficient validation within Xilinx Run Time framework could allow a local attacker to escalate privileges from user space to kernel space, potentially compromising confidentiality, integrity, and/or availability. |
|
| CVE-2025-0005 | Nov 24, 2025 |
Xilinx XOCL Driver Integer Overflow DoSImproper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in crash or denial of service. |