Radeon Software Security Vulnerabilities - CVSS Score 5 - 6

CVE-2020-12897

Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass.

CVE-2020-12901

Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.

CVE-2020-12904

Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.

CVE-2020-12905

Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure.

CVE-2020-12920

A potential denial of service issue exists in the AMD Display driver Escape 0x130007 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck.

CVE-2020-12960

AMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of service (DoS).

CVE-2020-12987

A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.

CVE-2021-26361

A malicious or compromised User Application (UApp) or AGESA Boot Loader (ABL) could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure.

CVE-2021-26393

Insufficient memory cleanup in the AMD Secure Processor (ASP) Trusted Execution Environment (TEE) may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of confiden...

CVE-2021-46748

Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.