AMD SEV Firmware IOMMU Flush Failure Causing Guest Memory Leakage
CVE-2025-29946 Published on February 10, 2026

Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory.

NVD

Weakness Type

Insufficient or Incomplete Data Removal within Hardware Component

The product's data removal process does not completely delete all data and potentially sensitive information within hardware components.

Affected Versions

AMD EPYC™ 9005 Series Processors:

Version TurinPI 1.0.0.6 is unaffected.

AMD EPYC™ Embedded 9005 Series Processors:

Version EmbTurinPI-SP5_1.0.0.1 is unaffected.

Exploit Probability

EPSS

0.01%

Percentile

0.52%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

AMD SEV Firmware IOMMU Flush Failure Causing Guest Memory LeakageCVE-2025-29946 Published on February 10, 2026

Weakness Type

Insufficient or Incomplete Data Removal within Hardware Component

Affected Versions

Exploit Probability

AMD SEV Firmware IOMMU Flush Failure Causing Guest Memory Leakage
CVE-2025-29946 Published on February 10, 2026