CVE-2025-0005

7.3 HIGH

📋 TL;DR

An integer overflow vulnerability in the XOCL driver allows local attackers to cause denial of service or system crashes. It affects systems running AMD XOCL drivers and stems from improper input validation in the driver. Exploitation requires local access.

💻 Affected Systems

Products:
  • AMD XOCL Driver
Versions: Specific versions not detailed in reference; check AMD advisory for exact affected versions.
Operating Systems: Linux, Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local access to system with XOCL driver installed. Virtualization environments using XOCL may be affected.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system crash requiring reboot, potentially leading to data loss or extended downtime in critical systems.

🟠 Likely Case: Local denial of service affecting the XOCL driver functionality, causing application crashes or system instability.

🟢 If Mitigated: Minimal impact with proper access controls preventing local user exploitation.

🌐 Internet-Facing: LOW - Requires local access to exploit, not remotely accessible.
🏢 Internal Only: MEDIUM - Local attackers with user privileges could cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local user access and knowledge of driver interaction. CWE-190 vulnerabilities typically require specific input conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check AMD advisory for specific patched driver versions

Vendor Advisory: https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-8014.html

Restart Required: Yes

Instructions:

1. Visit AMD security advisory AMD-SB-8014
2. Download latest XOCL driver for your OS
3. Install updated driver
4. Reboot system

🔧 Temporary Workarounds

Restrict local user access (Platforms: all)

Limit local user accounts to trusted personnel only

Disable XOCL driver if unused (Platforms: all)

Remove or disable XOCL driver if not required for system functionality

Linux: modprobe -r xocl
Windows: Disable device in Device Manager

🧯 If You Can't Patch

  • Implement strict access controls to limit local user privileges
  • Monitor systems for unexpected crashes or driver failures

🔍 How to Verify

Check if Vulnerable:

Check XOCL driver version against AMD advisory. Linux: modinfo xocl | grep version. Windows: Check driver version in Device Manager.

Check Version:

Linux: modinfo xocl | grep version; Windows: Check driver properties in Device Manager

Verify Fix Applied:

Verify driver version matches patched version from AMD advisory and test system stability.

📡 Detection & Monitoring

Log Indicators:

  • System crash logs
  • Kernel panic messages
  • Driver failure events in system logs

Network Indicators:

  • None - local vulnerability only

SIEM Query:

EventID: 41 OR 'kernel panic' OR 'driver fault' OR 'XOCL crash'
