Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2025-2507
Vulnerability from csaf_certbund - Published: 2021-11-09 23:00 - Updated: 2025-11-06 23:00Summary
Intel Prozessor und Intel Graphics Driver: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Prozessor ist das zentrale Rechenwerk eines Computers.
Intel ist ein Hersteller von Grafikkarten. Ein Grafiktreiber, ist eine Software, die eine Interaktion mit angeschlossenen, eingebauten (Hardware) oder virtuellen Geräten ermöglicht.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Intel Prozessor und Intel Graphics Driver ausnutzen, um seine Privilegien zu erhöhen, vertrauliche Informationen offenzulegen und einen Denial of Service Zustand herzustellen.
Betroffene Betriebssysteme
- BIOS/Firmware
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Prozessor ist das zentrale Rechenwerk eines Computers.\r\nIntel ist ein Hersteller von Grafikkarten. Ein Grafiktreiber, ist eine Software, die eine Interaktion mit angeschlossenen, eingebauten (Hardware) oder virtuellen Ger\u00e4ten erm\u00f6glicht.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Intel Prozessor und Intel Graphics Driver ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen und einen Denial of Service Zustand herzustellen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2507 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2025-2507.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2507 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2507"
},
{
"category": "external",
"summary": "Intel Security Advisory vom 2021-11-09",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00481.html"
},
{
"category": "external",
"summary": "AMD Security Bulletin AMD-SB-1000 vom 2021-11-10",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
},
{
"category": "external",
"summary": "Lenovo Advisory",
"url": "https://support.lenovo.com/de/de/product_security/ps500450-amd-graphics-driver-for-windows-10-vulnerabilities"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-73432 vom 2021-11-10",
"url": "https://support.lenovo.com/us/en/product_security/LEN-73432"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2021-242 vom 2025-11-06",
"url": "https://www.dell.com/support/kbdoc/de-de/000193982/dsa-2021-242"
}
],
"source_lang": "en-US",
"title": "Intel Prozessor und Intel Graphics Driver: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-06T23:00:00.000+00:00",
"generator": {
"date": "2025-11-07T08:57:08.865+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2507",
"initial_release_date": "2021-11-09T23:00:00.000+00:00",
"revision_history": [
{
"date": "2021-11-09T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-11-10T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von LENOVO aufgenommen"
},
{
"date": "2025-11-06T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T043182",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "for Windows 10 \u003c21.10",
"product": {
"name": "Intel Graphics Driver for Windows 10 \u003c21.10",
"product_id": "T007989"
}
},
{
"category": "product_version",
"name": "for Windows 10 21.10",
"product": {
"name": "Intel Graphics Driver for Windows 10 21.10",
"product_id": "T007989-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:intel:graphic_driver:28mar2016"
}
}
}
],
"category": "product_name",
"name": "Graphics Driver"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Core i5-8305G with Radeon RX Vega M GL graphics \u003c21.10",
"product": {
"name": "Intel Prozessor Core i5-8305G with Radeon RX Vega M GL graphics \u003c21.10",
"product_id": "T020964"
}
},
{
"category": "product_version",
"name": "Core i5-8305G with Radeon RX Vega M GL graphics 21.10",
"product": {
"name": "Intel Prozessor Core i5-8305G with Radeon RX Vega M GL graphics 21.10",
"product_id": "T020964-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:intel:intel_prozessor:core_i5-8305g_with_radeon_rx_vega_m_gl_graphics__21.10"
}
}
},
{
"category": "product_version_range",
"name": "Core i7-8706G with Radeon RX Vega M GL graphics \u003c21.10",
"product": {
"name": "Intel Prozessor Core i7-8706G with Radeon RX Vega M GL graphics \u003c21.10",
"product_id": "T020965"
}
},
{
"category": "product_version",
"name": "Core i7-8706G with Radeon RX Vega M GL graphics 21.10",
"product": {
"name": "Intel Prozessor Core i7-8706G with Radeon RX Vega M GL graphics 21.10",
"product_id": "T020965-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:intel:intel_prozessor:core_i7-8706g_with_radeon_rx_vega_m_gl_graphics__21.10"
}
}
}
],
"category": "product_name",
"name": "Prozessor"
}
],
"category": "vendor",
"name": "Intel"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T006520",
"product_identification_helper": {
"cpe": "cpe:/o:lenovo:lenovo_computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12892",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12892"
},
{
"cve": "CVE-2020-12893",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12893"
},
{
"cve": "CVE-2020-12894",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12894"
},
{
"cve": "CVE-2020-12895",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12895"
},
{
"cve": "CVE-2020-12897",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12897"
},
{
"cve": "CVE-2020-12898",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12898"
},
{
"cve": "CVE-2020-12899",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12899"
},
{
"cve": "CVE-2020-12900",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12900"
},
{
"cve": "CVE-2020-12901",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12901"
},
{
"cve": "CVE-2020-12902",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12902"
},
{
"cve": "CVE-2020-12903",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12903"
},
{
"cve": "CVE-2020-12904",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12904"
},
{
"cve": "CVE-2020-12905",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12905"
},
{
"cve": "CVE-2020-12963",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12963"
},
{
"cve": "CVE-2020-12964",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12964"
},
{
"cve": "CVE-2020-12980",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12980"
},
{
"cve": "CVE-2020-12981",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12981"
},
{
"cve": "CVE-2020-12982",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12982"
},
{
"cve": "CVE-2020-12983",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12983"
},
{
"cve": "CVE-2020-12985",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12985"
},
{
"cve": "CVE-2020-12986",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12986"
},
{
"cve": "CVE-2020-12987",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2020-12987"
},
{
"cve": "CVE-2021-33105",
"product_status": {
"known_affected": [
"T006520",
"T007989",
"T020965",
"T020964",
"T043182"
]
},
"release_date": "2021-11-09T23:00:00.000+00:00",
"title": "CVE-2021-33105"
}
]
}
CVE-2020-12964 (GCVE-0-2020-12964)
Vulnerability from cvelistv5 – Published: 2021-11-15 14:51 – Updated: 2024-09-16 18:28
VLAI?
EPSS
Summary
A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:14:55",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12964",
"datePublished": "2021-11-15T14:51:15.631262Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T18:28:27.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12985 (GCVE-0-2020-12985)
Vulnerability from cvelistv5 – Published: 2021-06-11 21:50 – Updated: 2024-09-16 17:23
VLAI?
EPSS
Summary
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:16:33",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12985",
"datePublished": "2021-06-11T21:50:05.196288Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T17:23:19.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12894 (GCVE-0-2020-12894)
Vulnerability from cvelistv5 – Published: 2021-11-15 19:48 – Updated: 2024-09-17 01:45
VLAI?
EPSS
Summary
Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T19:48:37",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12894",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12894",
"datePublished": "2021-11-15T19:48:37.220384Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T01:45:55.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12899 (GCVE-0-2020-12899)
Vulnerability from cvelistv5 – Published: 2021-11-15 15:29 – Updated: 2024-09-16 18:44
VLAI?
EPSS
Summary
Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T15:29:56",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12899",
"datePublished": "2021-11-15T15:29:56.401647Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T18:44:07.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12980 (GCVE-0-2020-12980)
Vulnerability from cvelistv5 – Published: 2021-06-11 21:49 – Updated: 2024-09-17 03:22
VLAI?
EPSS
Summary
An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.003Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:17:16",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12980",
"datePublished": "2021-06-11T21:49:38.162263Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T03:22:33.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12900 (GCVE-0-2020-12900)
Vulnerability from cvelistv5 – Published: 2021-11-15 15:27 – Updated: 2024-09-17 02:21
VLAI?
EPSS
Summary
An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T15:27:51",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12900",
"datePublished": "2021-11-15T15:27:51.589901Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T02:21:18.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12895 (GCVE-0-2020-12895)
Vulnerability from cvelistv5 – Published: 2021-11-15 15:56 – Updated: 2024-09-16 22:02
VLAI?
EPSS
Summary
Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x110037 may lead to escalation of privilege, information disclosure or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.755Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x110037 may lead to escalation of privilege, information disclosure or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:14:44",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x110037 may lead to escalation of privilege, information disclosure or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12895",
"datePublished": "2021-11-15T15:56:00.755364Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T22:02:20.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12982 (GCVE-0-2020-12982)
Vulnerability from cvelistv5 – Published: 2021-06-11 21:49 – Updated: 2024-09-17 00:16
VLAI?
EPSS
Summary
An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:16:44",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12982",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12982",
"datePublished": "2021-06-11T21:49:49.547155Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T00:16:16.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12893 (GCVE-0-2020-12893)
Vulnerability from cvelistv5 – Published: 2021-11-15 19:45 – Updated: 2024-09-16 23:15
VLAI?
EPSS
Summary
Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:14:45",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12893",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12893",
"datePublished": "2021-11-15T19:45:36.942420Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T23:15:51.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12902 (GCVE-0-2020-12902)
Vulnerability from cvelistv5 – Published: 2021-11-15 15:48 – Updated: 2024-09-16 16:59
VLAI?
EPSS
Summary
Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T15:48:41",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12902",
"datePublished": "2021-11-15T15:48:41.148192Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T16:59:09.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12905 (GCVE-0-2020-12905)
Vulnerability from cvelistv5 – Published: 2021-11-15 19:40 – Updated: 2024-09-17 00:36
VLAI?
EPSS
Summary
Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T19:40:02",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12905",
"datePublished": "2021-11-15T19:40:02.588599Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T00:36:22.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12986 (GCVE-0-2020-12986)
Vulnerability from cvelistv5 – Published: 2021-06-11 21:50 – Updated: 2024-09-16 16:58
VLAI?
EPSS
Summary
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:17:26",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12986",
"datePublished": "2021-06-11T21:50:10.654582Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T16:58:08.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12897 (GCVE-0-2020-12897)
Vulnerability from cvelistv5 – Published: 2021-11-15 15:44 – Updated: 2024-09-16 17:38
VLAI?
EPSS
Summary
Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 21.3.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.3.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T15:44:11",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "21.3.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12897",
"datePublished": "2021-11-15T15:44:11.456371Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T17:38:45.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12981 (GCVE-0-2020-12981)
Vulnerability from cvelistv5 – Published: 2021-06-11 21:49 – Updated: 2024-09-16 18:19
VLAI?
EPSS
Summary
An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:16:55",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12981",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12981",
"datePublished": "2021-06-11T21:49:43.864896Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T18:19:38.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12898 (GCVE-0-2020-12898)
Vulnerability from cvelistv5 – Published: 2021-11-15 18:58 – Updated: 2024-09-17 03:03
VLAI?
EPSS
Summary
Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T18:58:30",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12898",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12898",
"datePublished": "2021-11-15T18:58:30.225747Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T03:03:38.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12892 (GCVE-0-2020-12892)
Vulnerability from cvelistv5 – Published: 2021-11-15 18:39 – Updated: 2024-09-16 17:34
VLAI?
EPSS
Summary
An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 21.3.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.3.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:14:38",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "21.3.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12892",
"datePublished": "2021-11-15T18:39:47.290631Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T17:34:18.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12983 (GCVE-0-2020-12983)
Vulnerability from cvelistv5 – Published: 2021-06-11 21:49 – Updated: 2024-09-17 02:57
VLAI?
EPSS
Summary
An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:17:05",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12983",
"datePublished": "2021-06-11T21:49:54.656844Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T02:57:33.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12904 (GCVE-0-2020-12904)
Vulnerability from cvelistv5 – Published: 2021-11-15 15:12 – Updated: 2024-09-16 16:38
VLAI?
EPSS
Summary
Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.111Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T15:12:44",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12904",
"datePublished": "2021-11-15T15:12:44.714023Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T16:38:11.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12987 (GCVE-0-2020-12987)
Vulnerability from cvelistv5 – Published: 2021-06-11 21:50 – Updated: 2024-09-17 01:02
VLAI?
EPSS
Summary
A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.7.1
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.7.1",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:17:38",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.7.1"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12987",
"datePublished": "2021-06-11T21:50:16.210991Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T01:02:07.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12901 (GCVE-0-2020-12901)
Vulnerability from cvelistv5 – Published: 2021-11-15 19:20 – Updated: 2024-09-17 03:17
VLAI?
EPSS
Summary
Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T19:20:07",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12901",
"datePublished": "2021-11-15T19:20:07.896631Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T03:17:36.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12963 (GCVE-0-2020-12963)
Vulnerability from cvelistv5 – Published: 2021-11-15 15:58 – Updated: 2024-09-16 22:45
VLAI?
EPSS
Summary
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:14:56",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12963",
"datePublished": "2021-11-15T15:58:06.272723Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T22:45:17.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33105 (GCVE-0-2021-33105)
Vulnerability from cvelistv5 – Published: 2022-02-09 22:04 – Updated: 2025-05-05 16:50
VLAI?
EPSS
Summary
Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access.
Severity ?
5.5 (Medium)
CWE
- denial of service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel® Core™ Processors with Radeon™ RX Vega M GL Graphics Advisory |
Affected:
see references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:19.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00481.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-33105",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:21:27.956342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:50:54.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel\u00ae Core\u2122 Processors with Radeon\u2122 RX Vega M GL Graphics Advisory",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "see references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " denial of service ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:04:39.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00481.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-33105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel\u00ae Core\u2122 Processors with Radeon\u2122 RX Vega M GL Graphics Advisory",
"version": {
"version_data": [
{
"version_value": "see references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": " denial of service "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00481.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00481.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-33105",
"datePublished": "2022-02-09T22:04:39.000Z",
"dateReserved": "2021-05-18T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:50:54.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12903 (GCVE-0-2020-12903)
Vulnerability from cvelistv5 – Published: 2021-11-15 19:44 – Updated: 2024-09-17 00:52
VLAI?
EPSS
Summary
Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service.
Severity ?
No CVSS data available.
CWE
- NA
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMD | AMD Radeon Software |
Affected:
Radeon Software , < 20.11.2
(custom)
Affected: Radeon Pro Software for Enterprise , < 21.Q2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AMD Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "20.11.2",
"status": "affected",
"version": "Radeon Software",
"versionType": "custom"
},
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Radeon Pro Software for Enterprise",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NA",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-15T19:44:12",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2020-12903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMD Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Software",
"version_value": "20.11.2"
},
{
"version_affected": "\u003c",
"version_name": "Radeon Pro Software for Enterprise",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NA"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12903",
"datePublished": "2021-11-15T19:44:12.722388Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-17T00:52:24.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…