GPU GFX Hardware IP reset flow flaw allows privileged VM to crash host
CVE-2025-48508 Published on February 11, 2026

Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service.

NVD

Vulnerability Analysis

CVE-2025-48508 is exploitable with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
HIGH
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
HIGH

Weakness Type

Improper Finite State Machines (FSMs) in Hardware Logic

Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim's system.


Affected Versions

AMD Radeon™ PRO V710 Version Contact your AMD Customer Engineering representative is unaffected by CVE-2025-48508

Exploit Probability

EPSS
0.01%
Percentile
0.45%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.