CVE-2025-66664

Vulnerability Description

Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception

Related Weaknesses (CWE)

CWE-125

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html

FAQ

What is CVE-2025-66664?

CVE-2025-66664 is a documented vulnerability. Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_LOAD_GFX_IP_FW SR-IOV command to cause out-of-bounds read, ...

How severe is CVE-2025-66664?

CVSS scoring is not yet available for CVE-2025-66664. Check NVD for updates.

Is there a patch for CVE-2025-66664?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.