RSS   Vulnerabilities for
'Radeon directx 11 driver atidxx64.dll'
   RSS

2020-07-20
 
CVE-2020-6103

CWE-787
 

 
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered from a HYPER-V guest using the RemoteFX feature, leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly).

 
 
CVE-2020-6102

CWE-20
 

 
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered from a HYPER-V guest using the RemoteFX feature, leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly).

 
 
CVE-2020-6101

CWE-787
 

 
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered from a HYPER-V guest using the RemoteFX feature, leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly).

 
 
CVE-2020-6100

CWE-787
 

 
An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. A specially crafted pixel shader can cause memory corruption vulnerability. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability potentially could be triggered from guest machines running virtualization environments (ie. VMware, qemu, VirtualBox etc.) in order to perform guest-to-host escape - as it was demonstrated before (TALOS-2018-0533, TALOS-2018-0568, etc.). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly). This vulnerability was triggered from HYPER-V guest using RemoteFX feature leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process).

 

 >>> Vendor: AMD 24 Products
Catalyst driver
16h model 00h processor
16h model 0fh processor
16h model processor firmware
Fx-8120 8-core
Fx-8350 8-core
Athlon ii 640 x4
Fx-8320 8-core
Phenom 9550 4-core
E-350
Ryzen
Fglrx-driver
Ryzen firmware
Ryzen mobile firmware
Ryzen pro firmware
Epyc server firmware
Secure encrypted virtualization firmware
Atillk64
Overdrive
Radeon directx 11 driver atidxx64.dll
Atikmdag.sys
Radeon software
Amd generic encapsulated software architecture
Radeon pro software


Copyright 2024, cxsecurity.com

 

Back to Top