AMD recently disclosed a vulnerability (CVE-2025-54518) in processors based on the Zen 2 microarchitecture. The vulnerability corrupts the object code cache, allowing CPU instructions to be executed at a higher privilege level than normal. An attacker could use the flaw to elevate privileges within the system, for example by executing code with kernel rights or by gaining access to the host environment from a virtual machine.
The identified vulnerability was discovered by AMD employees, though specific details regarding its exploitation have not been disclosed yet. The root cause of the issue is attributed to the improper isolation of shared resources during operations on the CPU object code cache. By manipulating elements within the cache, an attacker can alter instructions executed at a different privilege level.
The vulnerability is exclusive to AMD processors based on the Zen 2 (Fam17h) microarchitecture. It affects the Xen hypervisor, where it enables a bypass of isolation. Patches addressing it have been released for Xen versions 4.17 through 4.21, and a fix has been proposed for the Linux kernel.
For desktop and mobile CPU series such as AMD Ryzen 3000, 4000, 5000, 7020, 7030, and Threadripper PRO 3000 WX, the vulnerability was resolved last autumn. In AMD Ryzen Embedded V2000 CPUs it was addressed at the end of December. In AMD EPYC 7002 series processors, however, the vulnerability remains unresolved, and a workaround at the operating system level is suggested.
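Because the issue is scoped to Zen 2 (Fam17h), fleet triage can start from the CPUID family and model that Linux exposes in `/proc/cpuinfo`. The following is an added example, not code from AMD, Xen or the Linux kernel; the function names are hypothetical, the sample excerpts are constructed, and the Family 17h model ranges are an assumption taken from how the Linux kernel classifies Zen 2 parts.

```python
import re

# Assumption: Family 17h model ranges the Linux kernel classifies as Zen 2;
# the page itself only gives "Zen2 (Fam17h)".
ZEN2_MODEL_RANGES = [(0x30, 0x4F), (0x60, 0x7F), (0x90, 0x91), (0xA0, 0xAF)]

# Constructed /proc/cpuinfo excerpts (illustrative values, not from the page).
SAMPLE = (
    "processor\t: 0\nvendor_id\t: AuthenticAMD\ncpu family\t: 23\nmodel\t\t: 49\n"
    "model name\t: AMD EPYC 7302 16-Core Processor\nmicrocode\t: 0x8300000\n\n"
    "processor\t: 1\nvendor_id\t: AuthenticAMD\ncpu family\t: 23\nmodel\t\t: 49\n"
    "model name\t: AMD EPYC 7302 16-Core Processor\nmicrocode\t: 0x8300000\n"
)
SAMPLE_ZEN1 = (
    "processor\t: 0\nvendor_id\t: AuthenticAMD\ncpu family\t: 23\nmodel\t\t: 1\n"
    "model name\t: AMD Ryzen 7 1700 Eight-Core Processor\nmicrocode\t: 0x8000000\n"
)

def parse_cpuinfo(text):
    """Return one dict of fields per logical CPU (blocks are blank-line separated)."""
    cpus = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if fields:
            cpus.append(fields)
    return cpus

def is_zen2(cpu):
    """True when vendor, family 0x17 and model fall in the assumed Zen 2 ranges."""
    try:
        family, model = int(cpu["cpu family"]), int(cpu["model"])
    except (KeyError, ValueError):
        return False  # incomplete record: do not guess
    return (cpu.get("vendor_id") == "AuthenticAMD" and family == 0x17
            and any(lo <= model <= hi for lo, hi in ZEN2_MODEL_RANGES))

def triage(text):
    """Summarise whether a host is in scope and which microcode it is running."""
    hits = [c for c in parse_cpuinfo(text) if is_zen2(c)]
    return {"in_scope": bool(hits), "logical_cpus": len(hits),
            "models": sorted({c.get("model name", "?") for c in hits}),
            "microcode": sorted({c.get("microcode", "?") for c in hits})}

if __name__ == "__main__":
    with open("/proc/cpuinfo") as fh:  # Linux only
        print(triage(fh.read()))
```

The reported microcode revision is only collected for comparison against the vendor's fixed revision, which this page does not list. An in-scope result therefore means the host needs a firmware or OS-level check, not that it is unpatched.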