A buffer overflow exists in the AMD Sensor Fusion Hub Driver, allowing a local attacker to write beyond the bounds of an internal buffer by triggering a memory write operation. The flaw is classified as CWE-120, and its exploitation can cause the driver—and potentially the system—to crash or become unstable, resulting in a denial of service. No unauthorized code execution or data disclosure is described, so the primary impact is availability disruption rather than confidentiality or integrity compromise.

The vulnerability affects a broad range of AMD mobile processors and embedded platforms, including the Athlon 3000 Series, RYZEN 7000 is embedded, Ryzen 3000–8000 mobile series, and the Ryzen AI and Embedded 8000 series. The vendor notes that the issue manifests in any device that utilizes the Sensor Fusion Hub Driver, but specific firmware or BIOS levels are not enumerated, so any system running the driver should be assumed potentially impacted.

The CVSS score of 6.8 reflects a moderate severity that requires local privileges or physical access to leverage the exploit. EPSS data are not available, suggesting no widespread exploitation reports yet, and the vulnerability is not listed in CISA’s KEV catalog. Because the attack vector is local, the risk to remote users is minimized, but users who have administrative or privileged access to the affected device should consider the possibility of a service outage if the driver crashes during operation.