PT-2020-11076 · Vmware+1 · Vmware+1

Piotr Bania

Published

2020-01-25

Updated

2020-01-27

CVE-2019-5147

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions AMD ATIDXX64.DLL driver version 26.20.13003.1007

Description An out-of-bounds read issue exists in the AMD ATIDXX64.DLL driver. This can be triggered by a specially crafted pixel shader, potentially causing a denial of service. An attacker can exploit this by providing a specially crafted shader file. Notably, this issue can be triggered from a VMware guest, affecting the VMware host.

Recommendations For version 26.20.13003.1007, consider avoiding the use of specially crafted pixel shaders until a patch is available. As a temporary workaround, restrict the use of shader files from untrusted sources to minimize the risk of exploitation.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2019-5147

Affected Products

Atidxx64.Dll

Vmware

PT-2020-11076 · Vmware+1 · Vmware+1

CVE-2019-5147

Weakness Enumeration

Related Identifiers

Affected Products

References · 4