CVE-2025-54518
HIGHAmd Epyc™ 7002 Series Processors - Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
Title source: ruleDescription
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.
References (6)
Core 6
Core References
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2025-54518
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2477784
Various Sources
http://xenbits.xen.org/xsa/advisory-490.html
Scores
CVSS v3
7.0
EPSS
0.0026
EPSS Percentile
17.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-1189
CWE-1220
Status
published
Products (14)
AMD/AMD EPYC™ 7002 Series Processors
os kernel
AMD/AMD EPYC™ Embedded 7002 Series Processors
OS kernel
AMD/AMD Ryzen Embedded V2000A Series Processors
EmbeddedV2KAPI-FP6 1.0.0.A
AMD/AMD Ryzen™ 3000 Series Desktop Processors
ComboAM4PI 1.0.0.10
AMD/AMD Ryzen™ 3000 Series Desktop Processors
ComboAM4v2 1.2.0.10
AMD/AMD Ryzen™ 4000 Series Desktop Processors
ComboAM4v2 1.2.0.10
AMD/AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics
RenoirPI-FP6_1.0.0.Ed
AMD/AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics
ComboAM4v2 1.2.0.10
AMD/AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
CezannePI-FP6_1.0.1.1d
AMD/AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics
MendocinoPI-FT6_1.0.0.7f
... and 4 more
Published
May 15, 2026
Tracked Since
May 15, 2026