CVE-2025-0009 - Vulnerability Details

A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Amd	Athlon Radeon Pro V520 Radeon Pro V620 Radeon Pro V710 Radeon Pro W5000 Radeon Pro W6000 Radeon Pro W7000 Radeon Rx 5000 Radeon Rx 6000

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Amd	Athlon Radeon Pro V520 Radeon Pro V620 Radeon Pro V710 Radeon Pro W5000 Radeon Pro W6000 Radeon Pro W7000 Radeon Rx 5000 Radeon Rx 6000

Advisories

Source	ID	Title
EUVD	EUVD-2025-27147	A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html

History

Mon, 08 Sep 2025 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Amd Amd athlon Amd radeon Pro V520 Amd radeon Pro V620 Amd radeon Pro V710 Amd radeon Pro W5000 Amd radeon Pro W6000 Amd radeon Pro W7000 Amd radeon Rx 5000 Amd radeon Rx 6000
Vendors & Products		Amd Amd athlon Amd radeon Pro V520 Amd radeon Pro V620 Amd radeon Pro V710 Amd radeon Pro W5000 Amd radeon Pro W6000 Amd radeon Pro W7000 Amd radeon Rx 5000 Amd radeon Rx 6000

Mon, 08 Sep 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Sat, 06 Sep 2025 18:30:00 +0000

Type	Values Removed	Values Added
Description		A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.
Weaknesses		CWE-476
References		https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2025-09-06T18:12:45.679Z

Updated: 2025-09-08T14:35:46.513Z

Reserved: 2024-10-10T20:27:45.840Z

Link: CVE-2025-0009

Vulnrichment

Updated: 2025-09-08T14:35:43.863Z

NVD

Status : Awaiting Analysis

Published: 2025-09-06T19:15:37.690

Modified: 2025-09-08T16:25:38.810

Link: CVE-2025-0009

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-09-08T15:17:39Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object