AMD Zen 2 CPU: Shared cache isolation flaw enables privilege escalation
CVE-2025-54518 Published on May 15, 2026

Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.

NVD

Vulnerability Analysis

CVE-2025-54518 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
LOCAL
Attack Complexity:
HIGH
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Types

What is a SoC Vulnerability?

The product does not properly isolate shared resources between trusted and untrusted agents.

CVE-2025-54518 has been classified to as a SoC vulnerability or weakness.

Insufficient Granularity of Access Control

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.


Products Associated with CVE-2025-54518

Want to know whenever a new CVE is published for Red Hat products? stack.watch will email you.

 
 
 

Affected Versions

AMD EPYC™ 7002 Series Processors: AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics: AMD Ryzen™ 3000 Series Desktop Processors: AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors: AMD Ryzen™ 7030 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ Threadripper™ PRO 3000 WX-Series Processors: AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics: AMD Ryzen™ 4000 Series Desktop Processors: AMD Ryzen™ 5000 Series Desktop Processors with Radeon™ Graphics: AMD Ryzen™ 3000 Series Desktop Processors: AMD EPYC™ Embedded 7002 Series Processors: AMD Ryzen Embedded V2000A Series Processors: AMD Ryzen™ Embedded V2000 Series Processors: Red Hat Enterprise Linux 10: Red Hat Enterprise Linux 10: Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 7: Red Hat Enterprise Linux 7: Red Hat Enterprise Linux 8: Red Hat Enterprise Linux 8: Red Hat Enterprise Linux 9: Red Hat Enterprise Linux 9: Red Hat Enterprise Linux for NVIDIA 26: Red Hat OpenShift Container Platform 4:

Exploit Probability

EPSS
0.26%
Percentile
17.26%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.