Improper privilege management in Xen - CVE-2025-54518
Published: May 12, 2026
Vulnerability identifier: #VU131218
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-54518
CWE-ID: CWE-269
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Xen Project
Affected software:
Xen
Xen
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges.
The vulnerability exists due to improper privilege management in x86 CPU opcode cache handling when executing code on affected AMD Fam17h CPUs. A local user can execute code to escalate privileges.
The issue can permit escalation across privilege boundaries including userspace to kernel and guest to host, and only AMD Fam17h CPUs based on the Zen2 microarchitecture are believed to be affected.
How to mitigate CVE-2025-54518
Install security update from vendor's website.