CVE-2025-48502
Severity
5.5MEDIUM
EPSS
0.0%
top 84.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 21
Description
Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages1 packages
🔴Vulnerability Details
2CVEList▶
CVE-2025-48502: Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service↗2025-11-21
GHSA▶
GHSA-j3jg-v72q-9mx9: Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service↗2025-11-21
📋Vendor Advisories
1Microsoft▶
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.↗2023-05-09