PT-2019-17435 · Amd+1 · Atidxx64.Dll+1

Published

2019-10-31

Updated

2019-11-07

CVE-2019-5049

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AMD ATIDXX64.DLL driver versions 25.20.15031.5004 and 25.20.15031.9002

Description A memory corruption issue exists due to an out-of-bounds memory write caused by a specially crafted pixel shader. An attacker can trigger this issue by providing a specially crafted shader file. This can be exploited from a VMware guest, affecting the VMware host.

Recommendations For version 25.20.15031.5004, consider disabling the use of specially crafted pixel shaders until a patch is available. For version 25.20.15031.9002, restrict the execution of shader files from untrusted sources to minimize the risk of exploitation.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-5049

Affected Products

Atidxx64.Dll

Vmware

PT-2019-17435 · Amd+1 · Atidxx64.Dll+1

CVE-2019-5049

Weakness Enumeration

Related Identifiers

Affected Products

References · 3