Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Radeon Software by AMD
CVE-2020-12891 (GCVE-0-2020-12891)
Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-16 17:33
VLAI
Summary
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable.
Severity
No CVSS data available.
CWE
- TBD
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.amd.com/en/corporate/product-security… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | Radeon Software |
Affected:
Radeon Driver , < 21.4.1
(custom)
|
|
| AMD | Radeon Pro Software for Enterprise |
Affected:
Enterprise Driver , < 21.Q2
(custom)
|
Date Public
2021-11-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.4.1",
"status": "affected",
"version": "Radeon Driver",
"versionType": "custom"
}
]
},
{
"product": "Radeon Pro Software for Enterprise",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Enterprise Driver",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "TBD",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T22:29:12.000Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:30:00.000Z",
"ID": "CVE-2020-12891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Driver",
"version_value": "21.4.1"
}
]
}
},
{
"product_name": "Radeon Pro Software for Enterprise",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Enterprise Driver",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TBD"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12891",
"datePublished": "2022-02-04T22:29:12.020Z",
"dateReserved": "2020-05-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:33:32.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12891 (GCVE-0-2020-12891)
Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 17:33
VLAI
Summary
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable.
Severity
No CVSS data available.
CWE
- TBD
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.amd.com/en/corporate/product-security… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | Radeon Software |
Affected:
Radeon Driver , < 21.4.1
(custom)
|
|
| AMD | Radeon Pro Software for Enterprise |
Affected:
Enterprise Driver , < 21.Q2
(custom)
|
Date Public
2021-11-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.4.1",
"status": "affected",
"version": "Radeon Driver",
"versionType": "custom"
}
]
},
{
"product": "Radeon Pro Software for Enterprise",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Enterprise Driver",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "TBD",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T22:29:12.000Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:30:00.000Z",
"ID": "CVE-2020-12891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Driver",
"version_value": "21.4.1"
}
]
}
},
{
"product_name": "Radeon Pro Software for Enterprise",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Enterprise Driver",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TBD"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12891",
"datePublished": "2022-02-04T22:29:12.020Z",
"dateReserved": "2020-05-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:33:32.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}