{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T20:54:17.032","vulnerabilities":[{"cve":{"id":"CVE-2025-38518","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-08-16T11:15:45.020","lastModified":"2025-11-18T21:51:51.440","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Disable INVLPGB on Zen2\n\nAMD Cyan Skillfish (Family 17h, Model 47h, Stepping 0h) has an issue\nthat causes system oopses and panics when performing TLB flush using\nINVLPGB.\n\nHowever, the problem is that that machine has misconfigured CPUID and\nshould not report the INVLPGB bit in the first place. So zap the\nkernel's representation of the flag so that nothing gets confused.\n\n  [ bp: Massage. ]"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/CPU/AMD: Desactivar INVLPGB en Zen2 AMD Cyan Skillfish (Familia 17h, Modelo 47h, Stepping 0h) presenta un problema que provoca errores y pánicos del sistema al realizar el vaciado de TLB con INVLPGB. Sin embargo, el problema radica en que esa máquina tiene un CPUID mal configurado y no debería informar el bit INVLPGB. Por lo tanto, elimine la representación del indicador en el kernel para evitar confusiones. [bp: Masaje]."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.15","versionEndExcluding":"6.15.7","matchCriteriaId":"FBA11932-25B2-4915-A601-431072CDC904"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*","matchCriteriaId":"6D4894DB-CCFE-4602-B1BF-3960B2E19A01"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*","matchCriteriaId":"09709862-E348-4378-8632-5A7813EDDC86"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:*","matchCriteriaId":"415BF58A-8197-43F5-B3D7-D1D63057A26E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*","matchCriteriaId":"A0517869-312D-4429-80C2-561086E1421C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc5:*:*:*:*:*:*","matchCriteriaId":"85421F4E-C863-4ABF-B4B4-E887CC2F7F92"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/357f121517924e3ec3021f9d0dd0189adcd09867","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a74bb5f202dabddfea96abc1328fcedae8aa140a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}