PT-2020-13327 · Amd+1 · Atikmdag.Sys+1
Published
2020-10-13
·
Updated
2020-10-21
·
CVE-2020-12933
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
AMD ATIKMDAG.SYS version 26.20.15029.27017
Description
A denial of service issue exists in the D3DKMTEscape handler functionality. A specially crafted D3DKMTEscape API request can cause an out-of-bounds read in Windows OS kernel memory area. This issue can be triggered from a non-privileged account.
Recommendations
For AMD ATIKMDAG.SYS version 26.20.15029.27017, consider restricting access to the D3DKMTEscape handler functionality until a patch is available. As a temporary workaround, avoid using the D3DKMTEscape API to minimize the risk of exploitation.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Atikmdag.Sys
Windows