CVE-2025-29943

MEDIUM

AMD CPUs - Privilege Escalation

Title source: llm

Description

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest.

Exploits (1)

nomisec WORKING POC

by fevar54 · poc

https://github.com/fevar54/POC_CVE-2025-29943_Write-what-where-Condition

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3027.html

Scores

CVSS v4 4.6

EPSS 0.0001

EPSS Percentile 0.5%

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N

Details

CWE

CWE-123

Status published

Products (5)

AMD/AMD EPYC™ 8004 Series Processors Genoa++_1.0.0.H

AMD/AMD EPYC™ 9004 Series Processors Genoa++_1.0.0.H

AMD/AMD EPYC™ 9005 Series Processors TurinPI_1.0.0.6

AMD/AMD EPYC™ Embedded 7003 Series Processors EmbMilanPI-SP3 v9 1.0.0.C

AMD/AMD EPYC™ Embedded 9005 Series Processors EmbTurinPI-SP5_1.0.0.1

Published Jan 16, 2026

Tracked Since Feb 18, 2026