Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-5049

Опубликовано: 31 окт. 2019
Источник: nvd
CVSS3: 10
CVSS2: 7.5
EPSS Низкий

Описание

An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:amd:radeon_rx_550_firmware:25.20.15031.5004:*:*:*:*:*:*:*
cpe:2.3:o:amd:radeon_rx_550_firmware:25.20.15031.9002:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_550:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:o:amd:radeon_550_firmware:25.20.15031.5004:*:*:*:*:*:*:*
cpe:2.3:o:amd:radeon_550_firmware:25.20.15031.9002:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_550:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

Одно из

cpe:2.3:o:amd:radeon_rx_550x_firmware:25.20.15031.5004:*:*:*:*:*:*:*
cpe:2.3:o:amd:radeon_rx_550x_firmware:25.20.15031.9002:*:*:*:*:*:*:*
cpe:2.3:h:amd:radeon_rx_550x:-:*:*:*:*:*:*:*

EPSS

Процентиль: 61%
0.00418
Низкий

10 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-787

Связанные уязвимости

github логотип

GHSA-7p5r-q7hh-vhjj

github
больше 3 лет назад

An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

EPSS

Процентиль: 61%
0.00418
Низкий

10 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-787