Lucene search

[email protected]NVD:CVE-2020-12933

HistoryOct 13, 2020 - 10:15 p.m.

CVE-2020-12933

2020-10-1322:15:14

CWE-125

[email protected]

web.nvd.nist.gov

denial of service

amd atikmdag.sys

out-of-bounds read

windows os kernel

non-privileged account

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

12.6%

JSON

A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTEscape API request can cause an out-of-bounds read in Windows OS kernel memory area. This vulnerability can be triggered from a non-privileged account.

Affected configurations

Nvd

Node

amdatikmdag.sysMatch26.20.15029.27017

VendorProductVersionCPE
amdatikmdag.sys26.20.15029.27017cpe:2.3:o:amd:atikmdag.sys:26.20.15029.27017:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
amd	atikmdag.sys	26.20.15029.27017	cpe:2.3:o:amd:atikmdag.sys:26.20.15029.27017:::::::*

References

www.amd.com/en/corporate/product-security

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2020-12933

prion1 lenovo2 cve1 hp1 cvelist1 talos1