ID CVE-2019-5146
Type cve
Reporter cve@mitre.org
Modified 2020-01-27T18:54:00
Description
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.
{"id": "CVE-2019-5146", "bulletinFamily": "NVD", "title": "CVE-2019-5146", "description": "An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.", "published": "2020-01-25T18:15:00", "modified": "2020-01-27T18:54:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-5146", "reporter": "cve@mitre.org", "references": ["https://talosintelligence.com/vulnerability_reports/TALOS-2019-0937"], "cvelist": ["CVE-2019-5146"], "type": "cve", "lastseen": "2020-10-03T13:38:54", "edition": 4, "viewCount": 67, "enchantments": {"dependencies": {"references": [{"type": "talos", "idList": ["TALOS-2019-0937"]}, {"type": "attackerkb", "idList": ["AKB:D1546F47-6385-4452-85B4-BCD67F93AF06"]}, {"type": "talosblog", "idList": ["TALOSBLOG:E9EF8812CF8CF7754CD7AD5542FB2103"]}], "modified": "2020-10-03T13:38:54", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2020-10-03T13:38:54", "rev": 2}, "vulnersScore": 5.2}, "cpe": ["cpe:/a:amd:atidxx64:26.20.13025.10004"], "affectedSoftware": [{"cpeName": "amd:atidxx64", "name": "amd atidxx64", "operator": "eq", "version": "26.20.13025.10004"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": 
"LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0}, "cpe23": ["cpe:2.3:a:amd:atidxx64:26.20.13025.10004:*:*:*:*:*:*:*"], "cwe": ["CWE-125"], "scheme": null, "affectedConfiguration": [{"cpeName": "vmware:workstation", "name": "vmware workstation", "operator": "eq", "version": "15.0"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:vmware:workstation:15.0:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:amd:atidxx64:26.20.13025.10004:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}]}}
{"talos": [{"lastseen": "2020-07-01T21:25:26", "bulletinFamily": "info", "cvelist": ["CVE-2019-5146"], "description": "# Talos Vulnerability Report\n\n### TALOS-2019-0937\n\n## AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability\n\n##### January 21, 2020\n\n##### CVE Number\n\nCVE-2019-5146\n\n### Summary\n\nAn exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.\n\n### Tested Versions\n\nAMD ATIDXX64.DLL (26.20.13025.10004) running on Radeon RX 550 / 550 Series VMware Workstation 15 (15.5.0 build-14665864) with Windows 10 x64 as guestVM\n\n### Product URLs\n\n[http://amd.com](<https://amd.com>) [http://vmware.com](<https://vmware.com>)\n\n### CVSSv3 Score\n\n8.6 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\n\n### CWE\n\nCWE-125: Out-of-bounds Read\n\n### Details\n\nThis vulnerability can be triggered by supplying a malformed pixel shader (inside VMware guest OS). 
This type of attack can be triggered from VMware guest usermode to cause an out-of-bounds read in the `vmware-vmx.exe` process on host, or theoretically through WEBGL (remote website).\n\nExample shader:\n \n \n ps_4_1\n dcl_global_flags refactoringAllowed\n dcl_constant_buffer cb0[5].xyzw, immediateIndexed\n dcl_resource_texture2d resource[0]\n dcl_resource_texture2d resource[1]\n dcl_input_ps_siv linear noperspective v0.xy, position\n dcl_output o0.xyzw\n dcl_temps 19 \n 00000007: 0x00000328 - 0x00000348 LEN:0032 0e 00 00 08 32 00 10 00 00 00 00 00 46 10 10 00 00 00 00 00 46 80 20 00 00 00 00 00 00 00 00 00 div r0.xy, v0.xyxx, cb0[0].xyxx\n ...\n mad r0.xyw, r5.xyxz, l(2.14451, 2.14451, 0, 2.14451), v0.xyxw\n \n\nBy modifying the MAD instruction\u2019s (Component-wise multiply & add) last operand from `r0.xyxw` to `v0.xyxw` it is possible to trigger an out-of-bounds read exception, because the `rax` (`eax`) index register, which was initialized to -1, is used in the `mov rcx,qword ptr [rsi+rax*8+18h]` instruction.\n\nException:\n \n \n 0:016> .ecxr\n rax=00000000ffffffff rbx=0000000000000001 rcx=0000000000000000\n rdx=0000000000000001 rsi=000001a4e6d323d8 rdi=00000000ffffffff\n rip=00007ff9c07855ba rsp=0000009c53bf4c90 rbp=00000000ffffffff\n r8=000001a4e6c919b0 r9=0000000000000000 r10=0000000000000009\n r11=0000009c53bf4b80 r12=0000000000000000 r13=000001a4e6cd74f0\n r14=000001a4e6a5b8c8 r15=0000000000000000\n iopl=0 nv up ei pl zr na po nc\n cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246\n atidxx64!AmdDxGsaFreeCompiledShader+0x46b28a:\n 00007ff9`c07855ba 488b4cc618 mov rcx,qword ptr [rsi+rax*8+18h] ds:000001ac`e6d323e8=????????????????\n \n\n### Crash Information\n \n \n (3d28.3b60): Access violation - code c0000005 (first chance)\n First chance exceptions are reported before any exception handling.\n This exception may be expected and handled.\n atidxx64!AmdDxGsaFreeCompiledShader+0x46b28a:\n 00007ff9`c07855ba 488b4cc618 mov rcx,qword ptr [rsi+rax*8+18h] 
ds:00000172`c622c8d8=????????????????\n 0:000> !analyze -v\n *******************************************************************************\n * *\n * Exception Analysis *\n * *\n *******************************************************************************\n \n *** WARNING: Unable to verify checksum for BasicHLSL11_VENDOR_ONLY.exe\n \n KEY_VALUES_STRING: 1\n \n Key : AV.Fault\n Value: Read\n \n Key : Timeline.OS.Boot.DeltaSec\n Value: 349908\n \n Key : Timeline.Process.Start.DeltaSec\n Value: 22\n \n \n PROCESSES_ANALYSIS: 1\n \n SERVICE_ANALYSIS: 1\n \n STACKHASH_ANALYSIS: 1\n \n TIMELINE_ANALYSIS: 1\n \n Timeline: !analyze.Start\n Name: <blank>\n Time: 2019-10-16T10:49:41.609Z\n Diff: 6390 mSec\n \n Timeline: Dump.Current\n Name: <blank>\n Time: 2019-10-16T10:49:48.0Z\n Diff: 0 mSec\n \n Timeline: Process.Start\n Name: <blank>\n Time: 2019-10-16T10:49:26.0Z\n Diff: 22000 mSec\n \n Timeline: OS.Boot\n Name: <blank>\n Time: 2019-10-12T09:38:00.0Z\n Diff: 349908000 mSec\n \n \n DUMP_CLASS: 2\n \n DUMP_QUALIFIER: 0\n \n FAULTING_IP: \n atidxx64!AmdDxGsaFreeCompiledShader+46b28a\n 00007ff9`c07855ba 488b4cc618 mov rcx,qword ptr [rsi+rax*8+18h]\n \n EXCEPTION_RECORD: (.exr -1)\n ExceptionAddress: 00007ff9c07855ba (atidxx64!AmdDxGsaFreeCompiledShader+0x000000000046b28a)\n ExceptionCode: c0000005 (Access violation)\n ExceptionFlags: 00000000\n NumberParameters: 2\n Parameter[0]: 0000000000000000\n Parameter[1]: 00000172c622c8d8\n Attempt to read from address 00000172c622c8d8\n \n FAULTING_THREAD: 00003b60\n \n DEFAULT_BUCKET_ID: INVALID_POINTER_READ\n \n PROCESS_NAME: BasicHLSL11_VENDOR_ONLY.exe\n \n FOLLOWUP_IP: \n atidxx64!AmdDxGsaFreeCompiledShader+46b28a\n 00007ff9`c07855ba 488b4cc618 mov rcx,qword ptr [rsi+rax*8+18h]\n \n READ_ADDRESS: 00000172c622c8d8 \n \n ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. 
The memory could not be %s.\n \n EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.\n \n EXCEPTION_CODE_STR: c0000005\n \n EXCEPTION_PARAMETER1: 0000000000000000\n \n EXCEPTION_PARAMETER2: 00000172c622c8d8\n \n WATSON_BKT_PROCSTAMP: 5cb740ee\n \n WATSON_BKT_MODULE: atidxx64.dll\n \n WATSON_BKT_MODSTAMP: 5d97706a\n \n WATSON_BKT_MODOFFSET: 4d55ba\n \n WATSON_BKT_MODVER: 26.20.13025.10004\n \n MODULE_VER_PRODUCT: Advanced Micro Devices, Inc. Radeon DirectX 11 Driver\n \n BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202\n \n MODLIST_WITH_TSCHKSUM_HASH: ec25c91ba0aaa8733ef61a1afd1f3dce69c12f2d\n \n MODLIST_SHA1_HASH: 8595bb61cbb1e585fd325273c523a810a47d8f9d\n \n NTGLOBALFLAG: 470\n \n PROCESS_BAM_CURRENT_THROTTLED: 0\n \n PROCESS_BAM_PREVIOUS_THROTTLED: 0\n \n APPLICATION_VERIFIER_FLAGS: 0\n \n PRODUCT_TYPE: 1\n \n SUITE_MASK: 272\n \n DUMP_TYPE: fe\n \n ANALYSIS_SESSION_HOST: CLAB\n \n ANALYSIS_SESSION_TIME: 10-16-2019 12:49:41.0609\n \n ANALYSIS_VERSION: 10.0.18362.1 amd64fre\n \n THREAD_ATTRIBUTES: \n OS_LOCALE: ENU\n \n BUGCHECK_STR: APPLICATION_FAULT_INVALID_POINTER_READ\n \n PRIMARY_PROBLEM_CLASS: APPLICATION_FAULT\n \n PROBLEM_CLASSES: \n \n ID: [0n313]\n Type: [@ACCESS_VIOLATION]\n Class: Addendum\n Scope: BUCKET_ID\n Name: Omit\n Data: Omit\n PID: [Unspecified]\n TID: [0x3b60]\n Frame: [0] : atidxx64!AmdDxGsaFreeCompiledShader\n \n ID: [0n285]\n Type: [INVALID_POINTER_READ]\n Class: Primary\n Scope: DEFAULT_BUCKET_ID (Failure Bucket ID prefix)\n BUCKET_ID\n Name: Add\n Data: Omit\n PID: [Unspecified]\n TID: [0x3b60]\n Frame: [0] : atidxx64!AmdDxGsaFreeCompiledShader\n \n LAST_CONTROL_TRANSFER: from 00007ff9c0784abb to 00007ff9c07855ba\n \n STACK_TEXT: \n 00000065`d5788f50 00007ff9`c0784abb : 0000016a`c5db40a8 00000065`d5789200 0000016a`ffffffff 00000065`d5789200 : atidxx64!AmdDxGsaFreeCompiledShader+0x46b28a\n 00000065`d5789010 00007ff9`c077c64e : 0000016a`c620e101 
00000065`d57892c0 00000065`d5789200 00007ff9`00000000 : atidxx64!AmdDxGsaFreeCompiledShader+0x46a78b\n 00000065`d57891d0 00007ff9`c077bacd : 0000016a`c5db40a8 00000065`d5789330 00000000`00000003 00000000`00000001 : atidxx64!AmdDxGsaFreeCompiledShader+0x46231e\n 00000065`d5789310 00007ff9`c077b71b : 00000065`d57896e0 00000000`00000000 b4000000`00000000 00000000`3f7ffffe : atidxx64!AmdDxGsaFreeCompiledShader+0x46179d\n 00000065`d5789420 00007ff9`c077ac84 : 00000000`00000000 00000000`00000000 0000016a`c622a0c0 0000016a`c5db40a8 : atidxx64!AmdDxGsaFreeCompiledShader+0x4613eb\n 00000065`d57895c0 00007ff9`c077370e : 0000016a`c5db40a8 0000016a`00000000 0000016a`00000000 0000016a`c5db40a8 : atidxx64!AmdDxGsaFreeCompiledShader+0x460954\n 00000065`d57899d0 00007ff9`c0412f0d : 0000016a`00000000 0000016a`00000000 0000016a`c5dcfdf0 00000065`d5789af9 : atidxx64!AmdDxGsaFreeCompiledShader+0x4593de\n 00000065`d5789a20 00007ff9`c04276b6 : 0000016a`c5dcfdf0 0000016a`c5db4090 0000016a`000004dc 0000016a`c5dcfdf0 : atidxx64!AmdDxGsaFreeCompiledShader+0xf8bdd\n 00000065`d5789b60 00007ff9`c0416770 : 0000016a`c5cc1b10 0000016a`c5dc7e58 00000000`00000004 0000016a`c5cc1b10 : atidxx64!AmdDxGsaFreeCompiledShader+0x10d386\n 00000065`d5789d20 00007ff9`c03f59c4 : 0000016a`c5cc1b10 0000016a`c5fa7010 00000065`d578a560 0000016a`c5cc1b10 : atidxx64!AmdDxGsaFreeCompiledShader+0xfc440\n 00000065`d5789da0 00007ff9`c0339404 : 00000000`00000001 00000065`d578a560 0000016a`c5fa7010 00000065`d578a560 : atidxx64!AmdDxGsaFreeCompiledShader+0xdb694\n 00000065`d578a320 00007ff9`c0ac0518 : 0000016a`bfba2a08 00000065`d578a450 00000065`d578a560 0000016a`c5d2eac0 : atidxx64!AmdDxGsaFreeCompiledShader+0x1f0d4\n 00000065`d578a350 00007ff9`c0aa5c5b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : atidxx64!AmdDxGsaFreeCompiledShader+0x7a61e8\n 00000065`d578a4c0 00007ff9`c0aa5792 : 00000000`00000000 0000016a`c5fa6d10 0000016a`c5c32890 00000065`d578e1d0 : 
atidxx64!AmdDxGsaFreeCompiledShader+0x78b92b\n 00000065`d578a520 00007ff9`c0ad61a3 : 0000016a`c5fa6d10 00000000`00000000 0000016a`c5c98730 00000065`d578e1d0 : atidxx64!AmdDxGsaFreeCompiledShader+0x78b462\n 00000065`d578e180 00007ff9`c0aa5667 : 00000000`00000004 0000016a`c5fa62c0 0000016a`c5c85a90 0000016a`c5c406c0 : atidxx64!AmdDxGsaFreeCompiledShader+0x7bbe73\n 00000065`d578e1b0 00007ff9`c0b75251 : 00000000`00000000 00000065`d578e520 00000000`00000000 00000000`00000000 : atidxx64!AmdDxGsaFreeCompiledShader+0x78b337\n 00000065`d578e210 00007ff9`c0334d6a : 00000000`00000000 00000000`00000000 00000065`d578e520 00000000`00000000 : atidxx64!AmdDxGsaFreeCompiledShader+0x85af21\n 00000065`d578e250 00007ff9`c0334bb3 : 0000016a`c5c5acd0 00000000`00000003 00000000`00000003 00000000`00000000 : atidxx64!AmdDxGsaFreeCompiledShader+0x1aa3a\n 00000065`d578e290 00007ff9`c02bc05e : 00000000`00000001 00000000`00000000 00000000`00001817 00000000`00000003 : atidxx64!AmdDxGsaFreeCompiledShader+0x1a883\n 00000065`d578e320 00007ff9`c0a28246 : 00000000`00000000 00000065`d578e520 00000000`00000000 ffffffff`ffffffff : atidxx64!XdxQueryTlsLookupTable+0x6d6e\n 00000065`d578e360 00007ff9`c0a8c7d9 : 00000000`00000000 0000016a`bfb4dac8 00000065`d578e520 00000000`00001400 : atidxx64!AmdDxGsaFreeCompiledShader+0x70df16\n 00000065`d578e4d0 00007ff9`c02cd8b1 : 0000016a`c59fd108 0000016a`bfbc0ae0 ffffffff`fffffffe 00007ff9`cc295113 : atidxx64!AmdDxGsaFreeCompiledShader+0x7724a9\n 00000065`d578e500 00007ff9`cc298edc : 00000000`00000000 00000065`d578e730 0000016a`c59fd0f8 00007ff9`d207babb : atidxx64!XdxQueryTlsLookupTable+0x185c1\n 00000065`d578e630 00007ff9`cc2a295f : 00000065`00000001 0000016a`bfbbcef8 0000016a`c59fd0f8 0000016a`bfbb2fe0 : d3d11!CPixelShader::CLS::FinalConstruct+0x23c\n 00000065`d578e890 00007ff9`cc2a289a : 00000065`d578ef70 00007ff9`cc452388 0000016a`c59fcf90 00000000`00001817 : d3d11!CLayeredObjectWithCLS<CPixelShader>::FinalConstruct+0xa3\n 00000065`d578e920 00007ff9`cc28ee58 : 
0000016a`c59fcfe8 00000065`d578ef70 00000065`d578efa0 00007ff9`cc452388 : d3d11!CLayeredObjectWithCLS<CPixelShader>::CreateInstance+0x152\n 00000065`d578e980 00007ff9`cc29b17d : ffffffff`fffffffe 0000016a`c59fcf90 00000000`0000007f 00000000`00000001 : d3d11!CDevice::CreateLayeredChild+0xc88\n 00000065`d578edc0 00007ff9`cc29b950 : 0000016a`c59fcf90 00000000`00000009 00000000`00000188 00000000`00000030 : d3d11!NDXGI::CDevice::CreateLayeredChild+0x6d\n 00000065`d578ef30 00007ff9`cc2814f4 : 0000016a`bfb9a840 00000000`00000009 0000016a`bfb4d800 0000016a`bfb9b078 : d3d11!NOutermost::CDevice::CreateLayeredChild+0x1b0\n 00000065`d578f120 00007ff9`cc281463 : 0000016a`bfb4d800 00630069`0000c000 00000065`d578f480 0056005f`00310031 : d3d11!CDevice::CreateAndRecreateLayeredChild<SD3D11LayeredPixelShaderCreationArgs>+0x64\n 00000065`d578f180 00007ff9`cc2811e8 : 0000016a`bfb9b078 0000016a`bfb4d800 00000000`00005208 00000000`00000000 : d3d11!CDevice::CreatePixelShader_Worker+0x203\n 00000065`d578f330 00007ff6`ea9a2f16 : 0000016a`bfbb30c0 00000065`d578f3f8 0000016a`bfb9b088 00000000`00000000 : d3d11!CDevice::CreatePixelShader+0x28\n 00000065`d578f380 00007ff6`ea9abeb0 : 00000000`00000000 00000000`00000000 0000016a`bfb52a40 0000016a`b4000000 : BasicHLSL11_VENDOR_ONLY+0x2f16\n 00000065`d578f7a0 00007ff6`ea9a9efc : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : BasicHLSL11_VENDOR_ONLY+0xbeb0\n 00000065`d578f8a0 00007ff6`ea9a989c : 00000000`00000000 005f0052`004f0044 00000000`00000034 00650078`0065002e : BasicHLSL11_VENDOR_ONLY+0x9efc\n 00000065`d578fac0 00007ff6`ea9a202b : 0000016a`bfb52a40 00000000`00000034 0000016a`bfb52a40 0000016a`bfb4d814 : BasicHLSL11_VENDOR_ONLY+0x989c\n 00000065`d578fcb0 00007ff6`ea9ca17e : 00000000`00000000 00000000`00000000 00000000`0000000a 00000000`00000000 : BasicHLSL11_VENDOR_ONLY+0x202b\n 00000065`d578fdd0 00007ff9`d0ef7bd4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 
BasicHLSL11_VENDOR_ONLY+0x2a17e\n 00000065`d578fe10 00007ff9`d20aced1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : KERNEL32!BaseThreadInitThunk+0x14\n 00000065`d578fe40 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x21\n \n \n STACK_COMMAND: ~0s ; .cxr ; kb\n \n THREAD_SHA1_HASH_MOD_FUNC: 49198fbf3b363f0b8765e62f3b9a738d019dec91\n \n THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 1e14cb6c7ca288328f07ad05373cdc8d2e77d545\n \n THREAD_SHA1_HASH_MOD: 9aec76555bdc1e497180cb268a7d6f1cabfca19b\n \n FAULT_INSTR_CODE: c64c8b48\n \n SYMBOL_STACK_INDEX: 0\n \n SYMBOL_NAME: atidxx64!AmdDxGsaFreeCompiledShader+46b28a\n \n FOLLOWUP_NAME: MachineOwner\n \n MODULE_NAME: atidxx64\n \n IMAGE_NAME: atidxx64.dll\n \n DEBUG_FLR_IMAGE_TIMESTAMP: 5d97706a\n \n FAILURE_BUCKET_ID: INVALID_POINTER_READ_c0000005_atidxx64.dll!AmdDxGsaFreeCompiledShader\n \n BUCKET_ID: APPLICATION_FAULT_INVALID_POINTER_READ_atidxx64!AmdDxGsaFreeCompiledShader+46b28a\n \n FAILURE_EXCEPTION_CODE: c0000005\n \n FAILURE_IMAGE_NAME: atidxx64.dll\n \n BUCKET_ID_IMAGE_STR: atidxx64.dll\n \n FAILURE_MODULE_NAME: atidxx64\n \n BUCKET_ID_MODULE_STR: atidxx64\n \n FAILURE_FUNCTION_NAME: AmdDxGsaFreeCompiledShader\n \n BUCKET_ID_FUNCTION_STR: AmdDxGsaFreeCompiledShader\n \n BUCKET_ID_OFFSET: 46b28a\n \n BUCKET_ID_MODTIMEDATESTAMP: 5d97706a\n \n BUCKET_ID_MODCHECKSUM: 1b00f4d\n \n BUCKET_ID_MODVER_STR: 0.0.0.0\n \n BUCKET_ID_PREFIX_STR: APPLICATION_FAULT_INVALID_POINTER_READ_\n \n FAILURE_PROBLEM_CLASS: APPLICATION_FAULT\n \n FAILURE_SYMBOL_NAME: atidxx64.dll!AmdDxGsaFreeCompiledShader\n \n TARGET_TIME: 2019-10-16T10:50:02.000Z\n \n OSBUILD: 18362\n \n OSSERVICEPACK: 329\n \n SERVICEPACK_NUMBER: 0\n \n OS_REVISION: 0\n \n OSPLATFORM_TYPE: x64\n \n OSNAME: Windows 10\n \n OSEDITION: Windows 10 WinNt SingleUserTS\n \n USER_LCID: 0\n \n OSBUILD_TIMESTAMP: unknown_date\n \n BUILDDATESTAMP_STR: 190318-1202\n \n BUILDLAB_STR: 
19h1_release\n \n BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202\n \n ANALYSIS_SESSION_ELAPSED_TIME: 5266\n \n ANALYSIS_SOURCE: UM\n \n FAILURE_ID_HASH_STRING: um:invalid_pointer_read_c0000005_atidxx64.dll!amddxgsafreecompiledshader\n \n FAILURE_ID_HASH: {08b458dc-1323-2abb-9f1a-d0ac543a793c}\n \n Followup: MachineOwner\n ---------\n \n\nVMware crash information:\n \n \n 2019-10-16T12:25:23.810+02:00| vcpu-1| I125: Progress 101% (none)\n 2019-10-16T12:25:44.067+02:00| svga| W115: ----Win32 exception detected, exceptionCode 0xc0000005 (access violation)----\n 2019-10-16T12:25:44.067+02:00| svga| W115: ExceptionAddress 0x7ff9c07855ba eflags 0x00010246\n 2019-10-16T12:25:44.067+02:00| svga| W115: rwFlags 0 badAddr 0x1ace6d323e8\n 2019-10-16T12:25:44.067+02:00| svga| W115: rax 0xffffffff rbx 0x1 rcx 0\n 2019-10-16T12:25:44.067+02:00| svga| W115: rdx 0xffffffff rsi 0x1a4e6d323d8 rdi 0xffffffff\n 2019-10-16T12:25:44.067+02:00| svga| W115: r8 0x1a4e6c919b0 r9 0 r10 0x9\n 2019-10-16T12:25:44.067+02:00| svga| W115: r11 0x9c53bf4b80 r12 0 r13 0x1a4e6cd74f0\n 2019-10-16T12:25:44.067+02:00| svga| W115: r14 0x1a4e6a5b8c8 r15 0\n 2019-10-16T12:25:44.067+02:00| svga| W115: rip 0x7ff9c07855ba rsp 0x9c53bf4c90 rbp 0xffffffff\n 2019-10-16T12:25:44.067+02:00| svga| W115: LastBranchToRip 0 LastBranchFromRip 0\n 2019-10-16T12:25:44.068+02:00| svga| W115: LastExceptionToRip 0 LastExceptionFromRip 0\n 2019-10-16T12:25:44.068+02:00| svga| W115: The following data was delivered with the exception:\n 2019-10-16T12:25:44.068+02:00| svga| W115: -- 0\n 2019-10-16T12:25:44.068+02:00| svga| W115: -- 0x1ace6d323e8\n 2019-10-16T12:25:44.068+02:00| svga| I125: CoreDump: Minidump file K:\\vmware_images\\windows_10_x64_uefi\\vmware-vmx.dmp exists. 
Rotating ...\n 2019-10-16T12:25:44.070+02:00| svga| W115: CoreDump: Writing minidump to K:\\vmware_images\\windows_10_x64_uefi\\vmware-vmx.dmp\n
2019-10-16T12:25:44.184+02:00| svga| I125: image file C:\\Windows\\System32\\ntmarta.dll\n 2019-10-16T12:25:44.184+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.184+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cd180000 size 0x0x00099000\n 2019-10-16T12:25:44.184+02:00| svga| I125: checksum 0x000962a9 timestamp 0xfdddb636\n 2019-10-16T12:25:44.184+02:00| svga| I125: image file C:\\Windows\\System32\\uxtheme.dll\n 2019-10-16T12:25:44.184+02:00| svga| I125: file version 10.0.18362.387\n 2019-10-16T12:25:44.184+02:00| svga| I125: CoreDump: including module base 0x0x5bb80000 size 0x0x00248000\n 2019-10-16T12:25:44.184+02:00| svga| I125: checksum 0x00248720 timestamp 0x5d32893f\n 2019-10-16T12:25:44.184+02:00| svga| I125: image file K:\\tools\\vmware\\x64\\libeay32.dll\n 2019-10-16T12:25:44.184+02:00| svga| I125: file version 1.0.2.19\n 2019-10-16T12:25:44.184+02:00| svga| I125: CoreDump: including module base 0x0x7ff9ade00000 size 0x0x0005d000\n 2019-10-16T12:25:44.184+02:00| svga| I125: checksum 0x0005f1c0 timestamp 0x5d32894e\n 2019-10-16T12:25:44.184+02:00| svga| I125: image file K:\\tools\\vmware\\x64\\ssleay32.dll\n 2019-10-16T12:25:44.184+02:00| svga| I125: file version 1.0.2.19\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9ce2f0000 size 0x0x00033000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x0003d7b5 timestamp 0xfa3c3542\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\rsaenh.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9ce950000 size 0x0x0000c000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x0000fc85 timestamp 0xfef011a6\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\CRYPTBASE.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: 
CoreDump: including module base 0x0x7ff9cee00000 size 0x0x0002f000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x0003972a timestamp 0x250d8234\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\sspicli.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9ce780000 size 0x0x00067000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00066c3e timestamp 0x18af169c\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\mswsock.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9ce4d0000 size 0x0x000ca000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x000cd47e timestamp 0x997f6419\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\dnsapi.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.267\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9d1490000 size 0x0x00008000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00007f98 timestamp 0x64ef9ebf\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\nsi.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9ce490000 size 0x0x0003a000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x0003db3f timestamp 0x50afe730\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\IPHLPAPI.DLL\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9bfba0000 size 0x0x0000a000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x0000f693 timestamp 0x6a2bea39\n 2019-10-16T12:25:44.185+02:00| svga| I125: 
image file C:\\Windows\\System32\\rasadhlp.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9d18c0000 size 0x0x000a2000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x000a702b timestamp 0x9506208f\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\clbcatq.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 2001.12.10941.16384\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9bdec0000 size 0x0x00011000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00017bcc timestamp 0x6e82a406\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\wbem\\wbemprox.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9bde30000 size 0x0x00084000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00085b03 timestamp 0x6af5c06d\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\wbemcomn.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9bdac0000 size 0x0x00014000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00016a19 timestamp 0xf9651a38\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\wbem\\wbemsvc.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9bd550000 size 0x0x00101000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00102890 timestamp 0x65ead981\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\wbem\\fastprox.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: 
CoreDump: including module base 0x0x7ff9bda70000 size 0x0x00015000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x0001da1b timestamp 0xb26a0aaf\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\amsi.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cee30000 size 0x0x00025000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00028d50 timestamp 0xdbb466d6\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\userenv.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.387\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9bda20000 size 0x0x00044000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x0004ae46 timestamp 0xafa3cfd3\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\ProgramData\\Microsoft\\Windows Defender\\Platform\\4.18.1909.6-0\\MpOAV.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 4.18.1909.6\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9ca1c0000 size 0x0x0000a000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00013092 timestamp 0x927b71e6\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\version.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9d1680000 size 0x0x00008000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x0000d177 timestamp 0x3ebc2f6d\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\psapi.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c62a0000 size 0x0x001f4000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x001dca4b timestamp 0xe04b92e8\n 
2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\dbghelp.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9d1350000 size 0x0x00136000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00137919 timestamp 0x1dc2f89b\n 2019-10-16T12:25:44.185+02:00| svga| I125: image file C:\\Windows\\System32\\msctf.dll\n 2019-10-16T12:25:44.185+02:00| svga| I125: file version 10.0.18362.387\n 2019-10-16T12:25:44.185+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cf350000 size 0x0x0005c000\n 2019-10-16T12:25:44.185+02:00| svga| I125: checksum 0x00063f04 timestamp 0x1a03c9d6\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\wintrust.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.387\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cdfc0000 size 0x0x0005c000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x0005ea7c timestamp 0x029f3766\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\winsta.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.53\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cc270000 size 0x0x0025b000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x00262b94 timestamp 0x7e72d1cb\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\d3d11.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.387\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cdbf0000 size 0x0x000eb000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x000ed5a5 timestamp 0xb54a43bb\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\dxgi.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.387\n 2019-10-16T12:25:44.186+02:00| 
svga| I125: CoreDump: including module base 0x0x7ff9cdb60000 size 0x0x00020000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x0002a5ba timestamp 0xbc0e8e8e\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\DXCore.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cd090000 size 0x0x0008f000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x000912fd timestamp 0xff74693c\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\apphelp.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c2930000 size 0x0x001e0000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x001eca35 timestamp 0x5d976bfd\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\aticfx64.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 26.20.13025.10004\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c28f0000 size 0x0x00036000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x0003777f timestamp 0x5d976c4a\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atiuxp64.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 26.20.13025.10004\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c02b0000 size 0x0x02639000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x01b00f4d timestamp 0x5d97706a\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 
26.20.13025.10004\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c0280000 size 0x0x0002b000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0000000000 timestamp 0x5cf7100d\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\amdihk64.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 1.0.0.0\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9be720000 size 0x0x0002b000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x0002a232 timestamp 0xfcc30f70\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\D3DSCache.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cd340000 size 0x0x0025a000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x0026b282 timestamp 0x42f071ca\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\twinapi.appcore.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cd850000 size 0x0x00029000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x00035828 timestamp 0x5be0eb17\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\rmclient.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.267\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9acc50000 size 0x0x00066000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x0007092f timestamp 0x6c139455\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\SensorsApi.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9af450000 size 0x0x00028000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 
0x00026273 timestamp 0x9b1f4cab\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\SensorsNativeApi.V2.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9b3550000 size 0x0x00025000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x000262e4 timestamp 0x348cb243\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\SensorsUtilsV2.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9cae20000 size 0x0x000ef000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x000fa20a timestamp 0xbc1b9802\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\propsys.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 7.0.18362.267\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff99feb0000 size 0x0x00030000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x00035f43 timestamp 0x65441c6d\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\PortableDeviceTypes.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9addc0000 size 0x0x0003b000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x0003d78f timestamp 0xebb2781b\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\deviceaccess.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c78f0000 size 0x0x000ae000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x000b1c17 timestamp 0xdb1735e2\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\mscms.dll\n 2019-10-16T12:25:44.186+02:00| svga| 
I125: file version 10.0.18362.267\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c8350000 size 0x0x00017000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x00016d5e timestamp 0x9fd55c48\n 2019-10-16T12:25:44.186+02:00| svga| I125: image file C:\\Windows\\System32\\ColorAdapterClient.dll\n 2019-10-16T12:25:44.186+02:00| svga| I125: file version 10.0.18362.267\n 2019-10-16T12:25:44.186+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c6990000 size 0x0x00043000\n 2019-10-16T12:25:44.186+02:00| svga| I125: checksum 0x00046d10 timestamp 0x0830af3e\n 2019-10-16T12:25:44.187+02:00| svga| I125: image file C:\\Windows\\System32\\icm32.dll\n 2019-10-16T12:25:44.187+02:00| svga| I125: file version 10.0.18362.267\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: including module base 0x0x7ff9c6270000 size 0x0x0002a000\n 2019-10-16T12:25:44.187+02:00| svga| I125: checksum 0x00032d6f timestamp 0x17edc79f\n 2019-10-16T12:25:44.187+02:00| svga| I125: image file C:\\Windows\\System32\\dbgcore.dll\n 2019-10-16T12:25:44.187+02:00| svga| I125: file version 10.0.18362.1\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 13800\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 15280\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 15716\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 12696\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 16368\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 8204\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 10196\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 15308\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 11152\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 9488\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 7044\n 
2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 11400\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 9248\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 7028\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 15256\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 16372\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 1456\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 12300\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 11408\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 6524\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 16260\n 2019-10-16T12:25:44.187+02:00| svga| I125: CoreDump: Including thread 15952\n 2019-10-16T12:25:44.271+02:00| svga| I125: Backtrace:\n 2019-10-16T12:25:44.272+02:00| svga| I125: backtrace[00] frame 0x9c53bf4f00 IP 0x7ff9c0784abb params 0x1a4e6d13d01 0x9c53bf5000 0x9c53bf4f40 0x7ff900000000 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000004d3abb] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.272+02:00| svga| I125: backtrace[01] frame 0x9c53bf5040 IP 0x7ff9c077c64e params 0x1a4e6a5b8c8 0x9c53bf5070 0x3 0x1 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000004cb64e] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.272+02:00| svga| I125: backtrace[02] frame 0x9c53bf5150 IP 0x7ff9c077bacd params 0x9c53bf5420 0 0 0 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000004caacd] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.272+02:00| svga| I125: backtrace[03] frame 0x9c53bf52f0 IP 0x7ff9c077b71b params 
0 0 0x1a4e6d2fbf0 0x1a4e6a5b8c8 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000004ca71b] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[04] frame 0x9c53bf5700 IP 0x7ff9c077ac84 params 0x1a4e6a5b8c8 0x1a400000000 0x1a400000000 0x1a4e6a5b8c8 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000004c9c84] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[05] frame 0x9c53bf5750 IP 0x7ff9c077370e params 0x1a400000000 0x1a400000000 0x1a4d8459360 0x9c53bf5839 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000004c270e] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[06] frame 0x9c53bf5890 IP 0x7ff9c0412f0d params 0x1a4d8459360 0x1a4e6a5b8b0 0x1a4000004dc 0x1a4d8459360 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x0000000000161f0d] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[07] frame 0x9c53bf5a50 IP 0x7ff9c04276b6 params 0x1a4d851d280 0x1a4d853e758 0x4 0x1a4d851d280 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000001766b6] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[08] frame 0x9c53bf5ad0 IP 0x7ff9c0416770 params 0x1a4d851d280 0x1a4d849aac0 0x9c53bf62a0 0x1a4d851d280 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x0000000000165770] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: 
backtrace[09] frame 0x9c53bf6050 IP 0x7ff9c03f59c4 params 0x1 0x9c53bf62a0 0x1a4d849aac0 0x9c53bf62a0 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000001449c4] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[10] frame 0x9c53bf6080 IP 0x7ff9c0339404 params 0 0x9c53bf6190 0x9c53bf62a0 0x1a4d31f6660 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x0000000000088404] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[11] frame 0x9c53bf61f0 IP 0x7ff9c0ac0518 params 0 0 0 0 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x000000000080f518] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[12] frame 0x9c53bf6250 IP 0x7ff9c0aa5c5b params 0 0x1a4d849a7c0 0x1a4d3214890 0x9c53bf9f10 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000007f4c5b] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[13] frame 0x9c53bf9eb0 IP 0x7ff9c0aa5792 params 0x1a4d849a7c0 0 0x1a4d3259c40 0x9c53bf9f10 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000007f4792] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[14] frame 0x9c53bf9ee0 IP 0x7ff9c0ad61a3 params 0x41 0x1a4d8516400 0x1a4d3247190 0x1a4d3222560 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000008251a3] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.273+02:00| svga| I125: backtrace[15] 
frame 0x9c53bf9f40 IP 0x7ff9c0aa5667 params 0 0x9c53bfa230 0 0x7ff9d207fc11 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000007f4667] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.274+02:00| svga| I125: backtrace[16] frame 0x9c53bf9f80 IP 0x7ff9c0b75251 params 0 0 0x9c53bfa230 0x7ff9d208346d [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x00000000008c4251] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.274+02:00| svga| I125: backtrace[17] frame 0x9c53bf9fc0 IP 0x7ff9c0334d6a params 0x1a4d323c670 0x3 0x3 0 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x0000000000083d6a] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.274+02:00| svga| I125: backtrace[18] frame 0x9c53bfa050 IP 0x7ff9c0334bb3 params 0x1 0 0x1a34aa80434 0x7ff900000003 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x0000000000083bb3] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.274+02:00| svga| I125: backtrace[19] frame 0x9c53bfa090 IP 0x7ff9c02bc05e params 0 0x9c53bfa230 0 0xffffffffffffffff [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x000000000000b05e] XdxQueryTlsLookupTable\n 2019-10-16T12:25:44.274+02:00| svga| I125: backtrace[20] frame 0x9c53bfa200 IP 0x7ff9c0a28246 params 0x1a4db959448 0x1a4dc386adc 0x1a34db87180 0x1 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x0000000000777246] AmdDxGsaFreeCompiledShader\n 2019-10-16T12:25:44.274+02:00| svga| I125: backtrace[21] frame 0x9c53bfa330 IP 0x7ff9c02cd8b1 
params 0 0x9c53bfa440 0x1a4db959438 0x7ff9d207ba17 [C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\u0347338.inf_amd64_17d1b402964eb558\\B347375\\atidxx64.dll base 0x00007ff9c02b0000 0x0001:0x000000000001c8b1] XdxQueryTlsLookupTable\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[22] frame 0x9c53bfa338 IP 0x7ff9cc298edc params 0x9c53bfa440 0x1a4db959438 0x7ff9d207ba17 0x9c53bfa4b0 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x0000000000027edc] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x28edc\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[23] frame 0x9c53bfa620 IP 0x7ff9cc2a295f params 0x9c53bfac80 0x7ff9cc452388 0x1a4db9592d0 0 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x000000000003195f] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x3295f\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[24] frame 0x9c53bfa680 IP 0x7ff9cc2a289a params 0x1a4db959328 0x9c53bfac80 0x9c53bfacb0 0x7ff9cc452388 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x000000000003189a] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x3289a\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[25] frame 0x9c53bfaac0 IP 0x7ff9cc28ee58 params 0 0x1a4db9592d0 0 0x1a34aa80000 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x000000000001de58] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x1ee58\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[26] frame 0x9c53bfac30 IP 0x7ff9cc29b17d params 0x1a4db9592d0 0x9 0x188 0x30 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x000000000002a17d] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x2b17d\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[27] frame 0x9c53bfae20 IP 0x7ff9cc29b950 params 0x1a34db77c50 0x7ff900000009 0x1a4dc386a40 0x1a34db78488 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x000000000002a950] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x2b950\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[28] frame 0x9c53bfae80 IP 0x7ff9cc2814f4 params 
0x1a4dc386a40 0xb000 0x9c53bfb190 0x21c60 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x00000000000104f4] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x114f4\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[29] frame 0x9c53bfb030 IP 0x7ff9cc281463 params 0x1a34db78488 0x1a4dc386a40 0x53e0 0 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x0000000000010463] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x11463\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[30] frame 0x9c53bfb080 IP 0x7ff9cc2811e8 params 0 0x9c53bfb190 0x1a4dbb6ab80 0 [C:\\WINDOWS\\SYSTEM32\\D3D11.DLL base 0x00007ff9cc270000 0x0001:0x00000000000101e8] <C:\\WINDOWS\\SYSTEM32\\D3D11.DLL>+0x111e8\n 2019-10-16T12:25:44.275+02:00| svga| I125: backtrace[31] frame 0x9c53bfb088 IP 0x7ff6e517ef43 params 0x9c53bfb190 0x1a4dbb6ab80 0 0x1a4dc4c6cc0 [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x00000000002bdf43] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x2bef43\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[32] frame 0x9c53bff1b0 IP 0x7ff6e5180af6 params 0x7ff6e4ec0000 0x1a4d38ae5a0 0x1a4d38ae5a0 0x5000 [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x00000000002bfaf6] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x2c0af6\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[33] frame 0x9c53bff6f0 IP 0x7ff6e517fbc9 params 0x1a4dc3a38f0 0x7ff6e4ec0000 0x502b 0x502b [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x00000000002bebc9] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x2bfbc9\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[34] frame 0x9c53bff730 IP 0x7ff6e517cb61 params 0x1a4dc3a3850 0xa 0x1a4dc3a93b8 0xa [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x00000000002bbb61] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x2bcb61\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[35] frame 0x9c53bff780 IP 0x7ff6e51aec0e params 0x100 0x9c53bff900 0x880 0x1a4dc3a3840 
[K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x00000000002edc0e] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x2eec0e\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[36] frame 0x9c53bff7f0 IP 0x7ff6e50b2d3b params 0x8801 0x100 0 0xa68 [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x00000000001f1d3b] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x1f2d3b\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[37] frame 0x9c53bff9b0 IP 0x7ff6e5031742 params 0 0x1 0x9c53bffa2c 0x140 [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x0000000000170742] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x171742\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[38] frame 0x9c53bff9e0 IP 0x7ff6e502f358 params 0 0xa 0xa 0x1a300000000 [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x000000000016e358] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x16f358\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[39] frame 0x9c53bffa50 IP 0x7ff6e4f7b45a params 0x1a4d3695080 0x7ff6e4f7b170 0xffffffffffffffff 0 [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x00000000000ba45a] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0xbb45a\n 2019-10-16T12:25:44.276+02:00| svga| I125: backtrace[40] frame 0x9c53bffb10 IP 0x7ff6e54c4e09 params 0 0 0 0 [K:\\tools\\vmware\\x64\\vmware-vmx.exe base 0x00007ff6e4ec0000 0x0001:0x0000000000603e09] <K:\\tools\\vmware\\x64\\vmware-vmx.exe>+0x604e09\n 2019-10-16T12:25:44.278+02:00| svga| I125: backtrace[41] frame 0x9c53bffb18 IP 0x7ff9d0ef7bd4 params 0 0 0 0 [C:\\WINDOWS\\System32\\KERNEL32.DLL base 0x00007ff9d0ee0000 0x0001:0x0000000000016bd4] BaseThreadInitThunk\n 2019-10-16T12:25:44.281+02:00| svga| I125: backtrace[42] frame 0x9c53bffb48 IP 0x7ff9d20aced1 params 0 0 0 0 [C:\\WINDOWS\\SYSTEM32\\ntdll.dll base 0x00007ff9d2040000 0x0001:0x000000000006bed1] RtlUserThreadStart\n 2019-10-16T12:25:44.281+02:00| svga| I125: Msg_Post: Error\n 
2019-10-16T12:25:44.281+02:00| svga| I125: [msg.log.error.unrecoverable] VMware Workstation unrecoverable error: (svga)\n 2019-10-16T12:25:44.281+02:00| svga| I125+ Exception 0xc0000005 (access violation) has occurred.\n 2019-10-16T12:25:44.281+02:00| svga| I125: [msg.panic.haveLog] A log file is available in \"K:\\vmware_images\\windows_10_x64_uefi\\vmware.log\". \n 2019-10-16T12:25:44.281+02:00| svga| I125: [msg.panic.requestSupport.withoutLog] You can request support. \n 2019-10-16T12:25:44.281+02:00| svga| I125: [msg.panic.requestSupport.vmSupport.windowsOrLinux] \n 2019-10-16T12:25:44.281+02:00| svga| I125+ To collect data to submit to VMware support, choose \"Collect Support Data\" from the Help menu.\n 2019-10-16T12:25:44.281+02:00| svga| I125+ You can also run the \"vm-support\" script in the Workstation folder directly.\n 2019-10-16T12:25:44.281+02:00| svga| I125: [msg.panic.response] We will respond on the basis of your support entitlement.\n 2019-10-16T12:25:44.281+02:00| svga| I125: ----------------------------------------\n 2019-10-16T12:25:44.965+02:00| mks| W115: Panic in progress... 
ungrabbing\n 2019-10-16T12:25:44.965+02:00| mks| I125: MKS: Release starting (Panic)\n 2019-10-16T12:25:44.965+02:00| mks| I125: MKS: Release finished (Panic)\n \n\n### Timeline\n\n2019-10-23 - Vendor Disclosure \n2019-01-13 - Vendor confirmed fix and no issues found on versions 15.5.1 with 20.1.1 AMD drivers \n2020-01-21 - Public Release\n\n##### Credit\n\nDiscovered by Piotr Bania of Cisco Talos.\n", "edition": 4, "modified": "2020-01-21T00:00:00", "published": "2020-01-21T00:00:00", "id": "TALOS-2019-0937", "href": "http://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0937", "title": "AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability", "type": "talos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "talosblog": [{"lastseen": "2020-01-28T11:39:35", "bulletinFamily": "blog", "cvelist": ["CVE-2019-5124", "CVE-2019-5146", "CVE-2019-5147", "CVE-2019-5183"], "description": "_[Piotr Bania](<https://twitter.com/piotrbania?lang=en>) of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw._ \n \nMultiple vulnerabilities exist in a driver associated with the AMD Radeon line of graphics cards. An attacker can exploit these bugs by providing a specially crafted shader file to the user while using VMware Workstation 15. These attacks can be triggered from VMware guest usermode to cause a variety of errors, potentially allowing an attacker to cause a denial-of-service condition or gain the ability to remotely execute code. 
\n \nIn accordance with our coordinated disclosure policy, Cisco Talos worked with AMD and VMware to ensure that these issues are resolved and that [an update](<https://drivers.amd.com/drivers/beta/win10-radeon-software-adrenalin-2020-edition-20.1.1-jan9.exe>) is available for affected customers. \n \n### Vulnerability details\n\n**AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability (TALOS-2019-0913/CVE-2019-5124)** \n \nAn exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. \n \nRead the complete vulnerability advisory [here](<https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0913>) for additional information. \n \n**AMD ATI Radeon ATIDXX64.DLL MOVC shader functionality denial-of-service vulnerability (TALOS-2019-0936/CVE-2019-5147)** \n \nAn exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. \n \nRead the complete vulnerability advisory [here](<https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0936>) for additional information. \n \n**AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability (TALOS-2019-0937/CVE-2019-5146)** \n \nAn exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. 
This vulnerability can be triggered from VMware guest, affecting VMware host. \n \nRead the complete vulnerability advisory [here](<https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0937>) for additional information. \n \n**AMD ATI Radeon ATIDXX64.DLL shader functionality VTABLE remote code execution vulnerability (TALOS-2019-0964/CVE-2019-5183)** \n \nAn exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. \n \nRead the complete vulnerability advisory [here](<https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0964>) for additional information. \n \n### Versions tested\n\nTalos tested and confirmed that these vulnerabilities affect AMD ATIDXX64.DLL, version 26.20.13025.10004 running on the Radeon RX 550 series of graphics cards, while running on VMware Workstation 15, version 15.5.0, build-14665864 with Windows 10 x64 running as the guest VM. \n \n### Coverage\n\nThe following SNORT\u24c7 rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org. 
\n \nSnort Rules: 52008, 52009, 52050, 52051, 52367, 52368\n", "modified": "2020-01-22T06:15:57", "published": "2020-01-22T06:15:57", "id": "TALOSBLOG:E9EF8812CF8CF7754CD7AD5542FB2103", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/0XSSbjbX5yY/vuln-spotlight-AMD-VM-jan-2020.html", "type": "talosblog", "title": "Vulnerability Spotlight: Multiple vulnerabilities in some AMD graphics cards", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "attackerkb": [{"lastseen": "2020-11-18T06:51:57", "bulletinFamily": "info", "cvelist": ["CVE-2019-5124", "CVE-2019-5146", "CVE-2019-5147", "CVE-2019-5183"], "description": "An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.\n\n \n**Recent assessments:** \n \n**zeroSteiner** at February 04, 2020 8:16pm UTC reported:\n\nThe attacker utility for this particular vulnerability is limited by the hardware dependency. Additionally the vulnerability as described in the [original disclosure](<https://talosintelligence.com/vulnerability_reports/TALOS-2019-0964>) cannot be used for privilege escalation, only VMware escapes.\n\nThe `vmware-vmx.exe` process on the host OS runs as the user which started VMware which is why the vulnerability would not yield SYSTEM privileges on the host. 
At the time of this writing, the `vmware-vmx.exe` process does not utilize the new Control Flow Guard which would make it easier to overwrite an entry in the vtable with a function pointer, aiding in exploit development.\n\nWhile a failed exploit attempt would not crash the host OS because the vulnerability is not kernel mode, the VMware guest may be affected and become unresponsive.\n\nAssessed Attacker Value: 3 \nAssessed Attacker Value: 4\n\n**bwatters-r7** at February 04, 2020 8:31pm UTC reported:\n\nThe attacker utility for this particular vulnerability is limited by the hardware dependency. Additionally the vulnerability as described in the [original disclosure](<https://talosintelligence.com/vulnerability_reports/TALOS-2019-0964>) cannot be used for privilege escalation, only VMware escapes.\n\nThe `vmware-vmx.exe` process on the host OS runs as the user which started VMware which is why the vulnerability would not yield SYSTEM privileges on the host. At the time of this writing, the `vmware-vmx.exe` process does not utilize the new Control Flow Guard which would make it easier to overwrite an entry in the vtable with a function pointer, aiding in exploit development.\n\nWhile a failed exploit attempt would not crash the host OS because the vulnerability is not kernel mode, the VMware guest may be affected and become unresponsive.\n\nAssessed Attacker Value: 2 \nAssessed Attacker Value: 3\n", "modified": "2020-07-24T00:00:00", "published": "2020-01-25T00:00:00", "id": "AKB:D1546F47-6385-4452-85B4-BCD67F93AF06", "href": "https://attackerkb.com/topics/fNB9TWnvPF/cve-2019-5183", "type": "attackerkb", "title": "CVE-2019-5183", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}