AMD Windows 10 graphics drivers with vulnerabilities (Nov. 2021)

Sicherheit (Pexels, allgemeine Nutzung)[German]Users with AMD graphics cards and Windows 10 should look into the issue of updating AMD graphics drivers. The manufacturer has admitted that its Windows 10 graphics drivers have numerous vulnerabilities. Some vulnerabilities (e.g. in the graphics driver) are classified with security score high.


Advertising

The vulnerabilities in various APIs have been discovered during a comprehensive analysis of AMD Escape calls in several APIs. The vulnerabilities could lead to privilege escalation, denial of service, information disclosure, KASLR bypass, or arbitrary writes to kernel memory. AMD has listed the following vulnerabilities in the security bulletin AMD SB 1000.

  • CVE-2020-12902, High: Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
  • CVE-2020-12891, High: AMD Radeon Software  may be vulnerable to DLL Hijacking through path variable. An  unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable.
  • CVE-2020-12892, High: An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or unauthorized code execution.
  • CVE-2020-12893, High: Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape 0x15002a may lead to escalation of privilege or denial of service.
  • CVE-2020-12894, High: Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x40010d may lead to arbitrary write to kernel memory or denial of service.
  • CVE-2020-12895, High: Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x110037 may lead to   escalation of privilege, information disclosure or denial of service.
  • CVE-2020-12898, High:  Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
  • CVE-2020-12901, High:  Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.
  • CVE-2020-12903, High: Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service.
  • CVE-2020-12900, High: An arbitrary write vulnerability in the AMD Radeon Graphics Driver for Windows 10 potentially allows unprivileged users to gain Escalation of Privileges and cause Denial of Service.
  • CVE-2020-12929, High: Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution.
  • CVE-2020-12960, High: AMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of service (DoS).
  • CVE-2020-12980, High: An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
  • CVE-2020-12981, High: An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service.
  • CVE-2020-12982, High: An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
  • CVE-2020-12983, High: An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service.
  • CVE-2020-12985, High: An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
  • CVE-2020-12986, High: An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service.
  • CVE-2020-12962, Medium: Escape call interface in the AMD Graphics Driver for Windows may cause privilege escalation.
  • CVE-2020-12904, Medium: Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.
  • CVE-2020-12905, Medium: Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure.
  • CVE-2020-12964, Medium: A potential privilege escalation/denial of service issue exists in the AMD Radeon Kernel Mode driver Escape 0x2000c00 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck or write to leak information.
  • CVE-2020-12987, Medium: A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.
  • CVE-2020-12920, Medium:  A potential denial of service issue exists in the AMD Display driver Escape 0x130007 Call handler. An attacker with low privilege could potentially induce a Windows BugCheck.
  • CVE-2020-12899, Medium: Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or denial of service.
  • CVE-2020-12897, Medium: Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 may lead to KASLR bypass.
  • CVE-2020-12963, Medium:  An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system.

The following table lists the patched AMD drivers for Windows 10.

CVE

AMD Radeon Software

Mitigated Version

AMD Radeon Pro Software for Enterprise

First Mitigated Version

CVE-2020-12894

CVE-2020-12900

CVE-2020-12964

CVE-2020-12980

CVE-2020-12981

CVE-2020-12982

CVE-2020-12983

CVE-2020-12985

CVE-2020-12986

CVE-2020-12987

20.7.1 and higher 21.Q1 Enterprise Driver

CVE-2020-12893

CVE-2020-12899

CVE-2020-12901

CVE-2020-12902

CVE-2020-12903

CVE-2020-12904

CVE-2020-12905

CVE-2020-12920

CVE-2020-12929

CVE-2020-12962

CVE-2020-12963

CVE-2020-12895

CVE-2020-12898

20.11.2 and higher 21.Q1 Enterprise Driver

CVE-2020-12897

CVE-2020-12892

21.3.1 and higher 21.Q2 Enterprise Driver

CVE-2020-12891

CVE-2020-12960

21.4.1 and higher

21.Q2 Enterprise Driver

AMD was made aware of these bugs by security researchers. AMD has updated the drivers with the above versions. (via)


Advertising

This entry was posted in Security, Update, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).