14 matches found
CVE-2020-12985
CVE-2020-12985 refers to an insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10, which may lead to escalation of privileges or a denial of service. Affected product: AMD Graphics Driver for Windows 10. Root cause: insufficient pointer validation in the driver. ...
CVE-2020-12930
CVE-2020-12930 is an AMD ASP/PSP driver vulnerability described as improper parameter handling that could allow a privileged attacker to elevate privileges, potentially compromising integrity. The AMD security bulletin AMD-SB-5001 maps this CVE to various AMD Embedded/ Ryzen platforms and provide...
CVE-2021-26393
CVE-2021-26393 describes insufficient memory cleanup in the AMD Secure Processor (ASP) TEE, which could allow an authenticated user with privileges to generate a valid signed TA and potentially poison process memory, leading to confidentiality loss. The connected AMD security bulletin (AMD-SB-500...
CVE-2020-12981
CVE-2020-12981 affects AMD Graphics Driver for Windows 10. It stems from insufficient input validation in the driver, allowing unprivileged users to unload the driver and potentially cause memory corruption in high-privileged processes, leading to privilege escalation or denial of service. Remedi...
CVE-2020-12891
CVE-2020-12891 (AMD Radeon Software) vulnerability involves DLL hijacking via the DLL search path. An unprivileged user could drop a malicious DLL in any location on the PATH, potentially impacting AMD Radeon Software for Windows. Affected: AMD Radeon Software for Windows 10 and related AMD Graph...
CVE-2020-12982
CVE-2020-12982 is an issue in the AMD Graphics Driver for Windows 10 describing an invalid object pointer free vulnerability that could lead to privilege escalation or denial of service . The AMD security bulletin AMD-SB-1000 attributes this CVE to the AMD graphics stack and lists mitigations: Ra...
CVE-2020-12931
The CVE-2020-12931 issue affects the AMD Secure Processor (ASP) kernel, caused by improper parameter handling, enabling a privileged attacker to elevate privileges and potentially compromise integrity. AMD’s AMD-SB-5001 bulletin maps this vulnerability across ASP/PSP components (ASP kernel) and p...
CVE-2020-12983
CVE-2020-12983 : The AMD Graphics Driver for Windows 10 contains an out-of-bounds write vulnerability that may lead to privilege escalation or denial of service. AMD-SB-1000 details the affected products and mitigations, listing mitigated versions starting at 20.7.1+ for AMD Radeon Software (Ente...
CVE-2020-12980
CVE-2020-12980 is a vulnerability in the AMD Graphics Driver for Windows 10 described as an out-of-bounds write and read . The available connected documents confirm the affected component and the impact: potential for escalation of privilege or denial of service . The AMD security bulletin AMD-SB...
CVE-2020-12986
CVE-2020-12986 is an AMD Graphics Driver for Windows 10 vulnerability described as an insufficient pointer validation issue that can enable arbitrary code execution in the kernel, causing privilege escalation or denial of service. The AMD Security Bulletin AMD-SB-1000 lists this CVE and notes mit...
CVE-2021-26392
CVE-2021-26392 involves insufficient verification of a missing size check in LoadModule, leading to an out-of-bounds write that could enable code execution in the OS/kernel via loading a malicious TA. AMD’s related bulletin (AMD-SB-5001) labels this CVE as Medium and provides mitigations through ...
CVE-2021-26360
CVE-2021-26360 describes a local-attack vulnerability in the AMD Secure Processor (ASP) where an attacker with local access can modify the security configuration of the SOC registers, potentially corrupting the ASP’s encrypted memory and enabling arbitrary code execution in the ASP environment. T...
CVE-2020-12987
CVE-2020-12987 is a vulnerability described as a heap information leak/kernel pool address disclosure in the AMD Graphics Driver for Windows 10, potentially enabling a KASLR bypass. The AMD bulletins and third-party references confirm the affected product: AMD Graphics Driver for Windows 10, with...
CVE-2021-26391
CVE-2021-26391 affects AMD firmware/TPM-like trust environment: insufficient verification of multiple header signatures when loading a Trusted Application (TA) may allow a privileged attacker to gain code execution in the TA or OS/kernel. AMD-SB-4001 lists this CVE as Medium severity and provides...