PT-2020-13322 · Amd · Atikmdag.Sys

Published

2020-10-08

Updated

2020-10-22

CVE-2020-12911

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions AMD ATIKMDAG.SYS version 26.20.15029.27017

Description A denial of service issue exists in the D3DKMTCreateAllocation handler functionality. A specially crafted D3DKMTCreateAllocation API request can cause an out-of-bounds read and denial of service, resulting in a BSOD. This issue can be triggered from a non-privileged account.

Recommendations For AMD ATIKMDAG.SYS version 26.20.15029.27017, consider disabling the D3DKMTCreateAllocation handler functionality as a temporary workaround until a patch is available. Restrict access to the D3DKMTCreateAllocation API endpoint to minimize the risk of exploitation.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2020-12911

Affected Products

Atikmdag.Sys

PT-2020-13322 · Amd · Atikmdag.Sys

CVE-2020-12911

Weakness Enumeration

Related Identifiers

Affected Products

References · 5