CVE-2020-12981 — Out-of-bounds Write in AMD Radeon Software

CWE-787 — Out-of-bounds Write2 documents2 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 64.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AMD Radeon Software AMD Radeon PRO Software AMD Radeon Software

Timeline

PublishedJun 11

Description

An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDamd/radeon_software< 20.7.1

▶CVEListV5amd/amd_radeon_softwareRadeon Software — 20.7.1+1

▶NVDamd/radeon_pro_software< 21.q1

🔴Vulnerability Details

CVEList

CVE-2020-12981: An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memo↗2021-06-11

▶