Advanced Micro Devices Windows kernel drivers vulnerable to insufficient access control on its IOCTL

Overview Multiple Windows kernel drivers provided by Advanced Micro Devices Inc. are vulnerable to insufficient access control on its IOCTL CWE-782, CVE-2023-20598. Takahiro Haruyama of VMware reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact By sending a...

CVE-2023-20598

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution...

Input validation

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution...

AMD Radeon Security Vulnerability

AMD Radeon is a device driver and utility package for Advanced Micro Devices graphics cards and GPUs from UltraMicro Semiconductor AMD. A security vulnerability exists in the AMD Radeon Graphics driver that stems from improper privilege management and could allow an authenticated attacker to craf...

PHOENIX CONTACT TdkLib64.sys 安全漏洞

PHOENIX CONTACT TdkLib64.sys is a core application from PHOENIX CONTACT, Germany. A security vulnerability exists in PHOENIX CONTACT TdkLib64.sys, which stems from the vulnerability of TdkLib64.sys to insufficient IOCTL access control, where by sending a specific IOCTL request, an attacker withou...

PT-2023-6892

Name of the Vulnerable Software and Affected Versions AMD Radeon Graphics driver affected versions not specified Description The issue is related to improper privilege management in the AMD Radeon Graphics driver, which may allow an authenticated attacker to craft an IOCTL request to gain I/O...