SB2020071706 - Multiple vulnerabilities in AMD Radeon DirectX 11 Driver atidxx64.dll
Published: July 17, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Out-of-bounds write (CVE-ID: CVE-2020-6100)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the Shader functionality "MOV REG". A remote authenticated attacker can use a specially crafted shader file, trigger out-of-bounds write and execute arbitrary code on the target system.
2) Out-of-bounds write (CVE-ID: CVE-2020-6103)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the Shader functionality "ROUND_NI". A remote authenticated attacker can use a specially crafted shader file, trigger out-of-bounds write and execute arbitrary code on the target system.
3) Out-of-bounds write (CVE-ID: CVE-2020-6102)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the Shader functionality "RESOURCE". A remote authenticated attacker can use a specially crafted shader file, trigger out-of-bounds write and execute arbitrary code on the target system.
4) Out-of-bounds write (CVE-ID: CVE-2020-6101)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the Shader functionality "DCL_OUTPUT". A remote authenticated attacker can use a specially crafted shader file, trigger out-of-bounds write and execute arbitrary code on the target system.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.