CVE-2020-12987

CWE-200Information Exposure2 documents2 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 74.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
AMD AMD Radeon SoftwareAMD Radeon PRO SoftwareAMD Radeon Software
Timeline
PublishedJun 11

Description

A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDamd/radeon_software< 20.7.1
CVEListV5amd/amd_radeon_softwareRadeon Software20.7.1+1

🔴Vulnerability Details

1
CVEList
CVE-2020-12987: A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass2021-06-11
CVE-2020-12987 (MEDIUM CVSS 5.5) | A heap information leak/kernel pool | cvebase.io