—

CVE-2025-54518EXPLOITEDPATCHED

amd · zen

CVE-2025-54518: Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to

Description

Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.

Affected Products

Vendor	Product	Versions
amd	zen	all versions, AMD Fam17h CPUs (Zen1 microarchitecture)

References

https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-7052.html

Related News (10 articles)

Tier B

CERT-FR5d ago

Multiples vulnérabilités dans le noyau Linux de SUSE (05 juin 2026)

→ No new info (linked only)

Tier B

CERT-FR19d ago

Multiples vulnérabilités dans le noyau Linux de SUSE (22 mai 2026)

→ No new info (linked only)

Tier E

Hacker News21d ago

CVE-2025-54518

→ No new info (linked only)

Tier B

BSI Advisories28d ago

[NEU] [hoch] Microsoft Windows Produkte: Mehrere Schwachstellen

→ No new info (linked only)

Tier B

CERT-FR28d ago

Vulnérabilité dans Xen (13 mai 2026)

→ No new info (linked only)

Tier B

CERT-FR28d ago

Multiples vulnérabilités dans Microsoft Windows (13 mai 2026)

→ No new info (linked only)

Tier C

VulDB29d ago

CVE-2025-54518 | Microsoft Windows up to Server 2025 CPU OP Cache privilege escalation

→ No new info (linked only)

Tier C

oss-security29d ago

Xen Security Advisory 490 v1 (CVE-2025-54518) - x86: CPU Opcode Cache corruption

→ No new info (linked only)

Tier A

Microsoft MSRC29d ago

CVE-2025-54518 AMD: CVE-2025-54518 CPU OP Cache Corruption

→ No new info (linked only)

Tier C

oss-security54d ago

Xen Security Advisory 488 v1 - x86: Floating Point Divider State Sampling

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

xsa490-4.21.patch

CWECWE-1189

PublishedMay 13, 2026

Last enriched28d ago

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

NONECVE-2025-54509

CVE-2025-54509: Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileg

Trending: 30

HIGHCVE-2023-20585EXP

CVE-2023-20585: Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hy

Trending: 28

PRE-CVE

Multiple vulnerabilities in AMD products including ARM CPU translation bypass and AMD Auto Updater

Trending: 20

NONECVE-2026-0466

CVE-2026-0466: Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memor

Trending: 18

NONECVE-2026-28237

CVE-2026-28237: Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially lead

Trending: 18

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 13, 2026

Discovered by ZDM

May 13, 2026

Actively Exploited

May 16, 2026

Exploit Available

May 16, 2026

Patch Available

May 16, 2026