CVE-2025-29934 - Vulnerability Details - OpenCVE

A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00011.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3029.html

History

Fri, 21 Nov 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 21 Nov 2025 19:00:00 +0000

Type	Values Removed	Values Added
Description		A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.
Weaknesses		CWE-459
References		https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3029.html
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N'}`

MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2025-11-21T18:45:16.849Z

Updated: 2025-11-23T17:30:46.143Z

Reserved: 2025-03-12T15:14:59.391Z

Link: CVE-2025-29934

Vulnrichment

Updated: 2025-11-21T19:03:07.892Z

NVD

Status : Received

Published: 2025-11-21T19:15:47.847

Modified: 2025-11-21T19:15:47.847

Link: CVE-2025-29934

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-29934", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "state": "PUBLISHED", "assignerShortName": "AMD", "dateReserved": "2025-03-12T15:14:59.391Z", "datePublished": "2025-11-21T18:45:16.849Z", "dateUpdated": "2025-11-23T17:30:46.143Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "AMD EPYC\u2122 9004 Series Processors", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "Genoa 1.0.0.E"}]}, {"defaultStatus": "affected", "product": "AMD EPYC\u2122 9005 Series Processors", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "Turin 1.0.0.6"}]}, {"defaultStatus": "affected", "product": "AMD EPYC\u2122 8004 Series Processors", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "Genoa 1.0.0.E"}]}, {"defaultStatus": "affected", "product": "AMD EPYC\u2122 Embedded 7003 Series Processors", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "EmbMilanPI-SP3 v9 1.0.0.B"}]}, {"defaultStatus": "affected", "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "EmbGenoaPI-SP5 1.0.0.A"}]}, {"defaultStatus": "affected", "product": "AMD EPYC\u2122 Embedded 9005 Series Processors", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "EmbTurinPI-SP5 1.0.0.1"}]}, {"defaultStatus": "affected", "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "EmbGenoaPI-SP5 1.0.0.A"}]}, {"defaultStatus": "affected", "product": "AMD EPYC\u2122 Embedded 8004 Series Processors", "vendor": "AMD", "versions": [{"status": "unaffected", "version": "EmbGenoaPI-SP5 1.0.0.A"}]}], "datePublic": "2025-11-21T18:44:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.\t\r\n<br>"}], "value": "A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-459", "description": "CWE-459 Incomplete Cleanup", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2025-11-23T17:30:46.143Z"}, "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3029.html"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "AMD PSIRT Automation 1.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-21T19:02:59.284742Z", "id": "CVE-2025-29934", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-21T19:03:15.508Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-29934", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-21T19:02:59.284742Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-21T19:03:07.892Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "AMD", "product": "AMD EPYC\u2122 9004 Series Processors", "versions": [{"status": "unaffected", "version": "Genoa 1.0.0.E"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 9005 Series Processors", "versions": [{"status": "unaffected", "version": "Turin 1.0.0.6"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 8004 Series Processors", "versions": [{"status": "unaffected", "version": "Genoa 1.0.0.E"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 7003 Series Processors", "versions": [{"status": "unaffected", "version": "EmbMilanPI-SP3 v9 1.0.0.B"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")", "versions": [{"status": "unaffected", "version": "EmbGenoaPI-SP5 1.0.0.A"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 9005 Series Processors", "versions": [{"status": "unaffected", "version": "EmbTurinPI-SP5 1.0.0.1"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")", "versions": [{"status": "unaffected", "version": "EmbGenoaPI-SP5 1.0.0.A"}], "defaultStatus": "affected"}, {"vendor": "AMD", "product": "AMD EPYC\u2122 Embedded 8004 Series Processors", "versions": [{"status": "unaffected", "version": "EmbGenoaPI-SP5 1.0.0.A"}], "defaultStatus": "affected"}], "datePublic": "2025-11-21T18:44:00.000Z", "references": [{"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3029.html"}], "x_generator": {"engine": "AMD PSIRT Automation 1.0"}, "descriptions": [{"lang": "en", "value": "A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.", "supportingMedia": [{"type": "text/html", "value": "A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.\t\r\n<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-459", "description": "CWE-459 Incomplete Cleanup"}]}], "providerMetadata": {"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "shortName": "AMD", "dateUpdated": "2025-11-23T17:30:46.143Z"}}}, "cveMetadata": {"cveId": "CVE-2025-29934", "state": "PUBLISHED", "dateUpdated": "2025-11-23T17:30:46.143Z", "dateReserved": "2025-03-12T15:14:59.391Z", "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648", "datePublished": "2025-11-21T18:45:16.849Z", "assignerShortName": "AMD"}, "dataVersion": "5.2"}