Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Radeon Software by AMD

    CVE-2020-12891 (GCVE-0-2020-12891)

    Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-16 17:33
    VLAI
    Summary
    AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable.
    Severity
    No CVSS data available.
    CWE
    • TBD
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD Radeon Software Affected: Radeon Driver , < 21.4.1 (custom)
    Create a notification for this product.
    AMD Radeon Pro Software for Enterprise Affected: Enterprise Driver , < 21.Q2 (custom)
    Create a notification for this product.
    Date Public
    2021-11-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:11:18.664Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Radeon Software",
              "vendor": "AMD",
              "versions": [
                {
                  "lessThan": "21.4.1",
                  "status": "affected",
                  "version": "Radeon Driver",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Radeon Pro Software for Enterprise",
              "vendor": "AMD",
              "versions": [
                {
                  "lessThan": "21.Q2",
                  "status": "affected",
                  "version": "Enterprise Driver",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "TBD",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:12.000Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
            }
          ],
          "source": {
            "advisory": "AMD-SB-1000",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@amd.com",
              "DATE_PUBLIC": "2021-11-09T20:30:00.000Z",
              "ID": "CVE-2020-12891",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Radeon Software",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "Radeon Driver",
                                "version_value": "21.4.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Radeon Pro Software for Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "Enterprise Driver",
                                "version_value": "21.Q2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "AMD"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "TBD"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
                  "refsource": "MISC",
                  "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
                }
              ]
            },
            "source": {
              "advisory": "AMD-SB-1000",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2020-12891",
        "datePublished": "2022-02-04T22:29:12.020Z",
        "dateReserved": "2020-05-15T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:33:32.143Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12891 (GCVE-0-2020-12891)

    Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 17:33
    VLAI
    Summary
    AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable.
    Severity
    No CVSS data available.
    CWE
    • TBD
    Assigner
    AMD
    References
    Impacted products
    Vendor Product Version
    AMD Radeon Software Affected: Radeon Driver , < 21.4.1 (custom)
    Create a notification for this product.
    AMD Radeon Pro Software for Enterprise Affected: Enterprise Driver , < 21.Q2 (custom)
    Create a notification for this product.
    Date Public
    2021-11-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T12:11:18.664Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Radeon Software",
              "vendor": "AMD",
              "versions": [
                {
                  "lessThan": "21.4.1",
                  "status": "affected",
                  "version": "Radeon Driver",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Radeon Pro Software for Enterprise",
              "vendor": "AMD",
              "versions": [
                {
                  "lessThan": "21.Q2",
                  "status": "affected",
                  "version": "Enterprise Driver",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "TBD",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:12.000Z",
            "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
            "shortName": "AMD"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
            }
          ],
          "source": {
            "advisory": "AMD-SB-1000",
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@amd.com",
              "DATE_PUBLIC": "2021-11-09T20:30:00.000Z",
              "ID": "CVE-2020-12891",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Radeon Software",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "Radeon Driver",
                                "version_value": "21.4.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Radeon Pro Software for Enterprise",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_name": "Enterprise Driver",
                                "version_value": "21.Q2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "AMD"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "TBD"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
                  "refsource": "MISC",
                  "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
                }
              ]
            },
            "source": {
              "advisory": "AMD-SB-1000",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "assignerShortName": "AMD",
        "cveId": "CVE-2020-12891",
        "datePublished": "2022-02-04T22:29:12.020Z",
        "dateReserved": "2020-05-15T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:33:32.143Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }