AMD EPYC 9005
Easy fix3 remedies
cpe:2.3:h:amd:epyc_server:*:*:*:*:*:*:*, +1 more
Easy fix3 remedies
AMD Zen 5 Processors RDSEED Entropy Vulnerability
Vulnerability
A vulnerability exists in AMD Zen 5 processors due to improper handling of entropy, which could allow a local attacker to manipulate the output of the RDSEED instruction. This manipulation may lead to the use of insufficiently random values, potentially compromising the integrity of applications relying on this randomness.
Impact
Exploitation of this vulnerability could result in the consumption of poorly random values, which may undermine the security of cryptographic operations or other processes dependent on high-quality randomness.
Remediation
AMD plans to release microcode updates for affected processors. Until these updates are available, users can employ workarounds such as using the 64-bit version of the RDSEED instruction, masking the RDSEED capability from software discovery, or treating RDSEED outputs of zero as failures and retrying the instruction.
Added: Nov 21, 2025, 7:18 PM
Updated: Nov 21, 2025, 7:18 PM
Vulnerability Rating
Custom Algorithm
spread
6.6impact
5.0exploitability
2.9remediation
8.3relevance
1.1threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.