PT-2020-11068 · Vmware+1 · Vmware+1

Piotr Bania

Published

2020-01-25

Updated

2020-01-27

CVE-2019-5124

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions AMD ATIDXX64.DLL driver version 26.20.13001.50005

Description An out-of-bounds read issue exists in the AMD ATIDXX64.DLL driver. This can be triggered by a specially crafted pixel shader, potentially causing a denial of service. An attacker can exploit this by providing a specially crafted shader file. Notably, this issue can be triggered from a VMware guest, which in turn affects the VMware host.

Recommendations For version 26.20.13001.50005, consider avoiding the use of specially crafted pixel shaders until a patch is available. As a temporary workaround, restrict the execution of potentially malicious shader files to minimize the risk of exploitation.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2019-5124

Affected Products

Atidxx64.Dll

Vmware

PT-2020-11068 · Vmware+1 · Vmware+1

CVE-2019-5124

Weakness Enumeration

Related Identifiers

Affected Products

References · 3