exploitDog

CVE-2020-12911

Опубликовано: 13 окт. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTCreateAllocation API request can cause an out-of-bounds read and denial of service (BSOD). This vulnerability can be triggered from a non-privileged account.

Ссылки

https://www.amd.com/en/corporate/product-security
Patch
Vendor Advisory
https://www.amd.com/en/corporate/product-security
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:amd:atikmdag.sys:26.20.15029.27017:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00045

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-125

CWE-125

Связанные уязвимости

GHSA-j6jx-cc47-vqv7

github

больше 3 лет назад

A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTCreateAllocation API request can cause an out-of-bounds read and denial of service (BSOD). This vulnerability can be triggered from a non-privileged account.

EPSS

Процентиль: 14%

0.00045

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-125

CWE-125