High severityNVD Advisory· Published May 15, 2026· Updated May 15, 2026
CVE-2025-54518
CVE-2025-54518
Description
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
23- osv-coords22 versionspkg:rpm/opensuse/xen&distro=openSUSE%20Tumbleweedpkg:rpm/suse/kernel-livepatch-SLE16_Update_0&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_0&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_1&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_2&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_3&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_4&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_5&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_5&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-livepatch-SLE16_Update_6&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_6&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_7&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_7&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_8&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_8&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_9&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-livepatch-SLE16_Update_9&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 4.21.1_06-1.1+ 21 more
- (no CPE)range: < 4.21.1_06-1.1
- (no CPE)range: < 13-160000.4.3
- (no CPE)range: < 13-160000.4.3
- (no CPE)range: < 11-160000.1.1
- (no CPE)range: < 11-160000.1.1
- (no CPE)range: < 9-160000.1.1
- (no CPE)range: < 9-160000.1.1
- (no CPE)range: < 8-160000.1.1
- (no CPE)range: < 8-160000.1.1
- (no CPE)range: < 7-160000.1.1
- (no CPE)range: < 7-160000.1.1
- (no CPE)range: < 6-160000.1.1
- (no CPE)range: < 6-160000.1.1
- (no CPE)range: < 6-160000.1.1
- (no CPE)range: < 5-160000.1.1
- (no CPE)range: < 5-160000.1.1
- (no CPE)range: < 4-160000.1.1
- (no CPE)range: < 4-160000.1.1
- (no CPE)range: < 3-160000.1.1
- (no CPE)range: < 3-160000.1.1
- (no CPE)range: < 2-160000.1.1
- (no CPE)range: < 2-160000.1.1
Patches
Vulnerability mechanics
References
3News mentions
4- Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE FlawsThe Hacker News · May 13, 2026
- Patch Tuesday - May 2026Rapid7 Blog · May 13, 2026
- Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-daysBleepingComputer · May 12, 2026
- Microsoft’s May 2026 Patch Tuesday Addresses 118 CVEs (CVE-2026-41103)Tenable Blog · May 12, 2026