CVE-2020-6100

Name of the Vulnerable Software and Affected Versions AMD graphics driver version 26.20.15019.19000

Description A memory corruption issue exists due to a specially crafted pixel shader, which can cause memory corruption. An attacker can trigger this issue by providing a specially crafted shader file. This could potentially be exploited from guest machines in virtualization environments to perform a guest-to-host escape. It may also be triggered from a web browser using WebGL and WebAssembly. In one instance, the vulnerability was exploited from a HYPER-V guest using the RemoteFX feature, leading to code execution on the HYPER-V host.

Recommendations For AMD graphics driver version 26.20.15019.19000, consider disabling the use of pixel shaders or restricting access to the atidxx64.dll until a patch is available. As a temporary workaround, avoid using RemoteFX feature in HYPER-V environments and limit the use of WebGL and WebAssembly in web browsers to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.