CVE-2025-54514

Summary

Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.

Affected Software

VendorProductVersion RangeStatus
AMDAMD EPYC™ 9005 Series ProcessorsTurinPI 1.0.0.6unaffected
AMDAMD Ryzen™ 9000HX Series ProcessorsFireRangeFL1 PI-1.0.0.0dunaffected
AMDAMD Ryzen™ AI 300 Series ProcessorsStrixKrackanPI-FP8_1.1.0.0dunaffected
AMDAMD Ryzen™ AI 300 Series ProcessorsGorgonPI-FP8_1.0.0.0unaffected
AMDAMD Ryzen™ 9000 Series Desktop ProcessorsComboAM5 PI 1.2.0.3hunaffected
AMDAMD Ryzen™ AI Max 300 Series ProcessorsStrixHaloPI-FP11_1.0.0.1cunaffected
AMDAMD Ryzen™ Z2 Series Processors ExtremeStrixKrackanPI-FP8_1.1.0.0dunaffected
AMDAMD Ryzen™ AI 400 Series ProcessorsGorgonPI-FP8_1.0.0.0unaffected
AMDAMD Ryzen™ Threadripper™ 9000 ProcessorsShimadaPeakPI-SP6_1.0.0.1bunaffected
AMDAMD Ryzen™ Threadripper™ PRO 9000 WX-Series ProcessorsShimadaPeakPI-SP6_1.0.0.1bunaffected
AMDAMD EPYC™ Embedded 9005 Series ProcessorsEmbTurinPI-SP5_1.0.0.1unaffected

Weaknesses

  • CWE-1189: CWE-1189 Improper Isolation of Shared Resources on System-on-a-Chip (SoC)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References