Arbitrary Write Vulnerability in AMD Graphics Driver for Windows 10
CVE-2020-12894

7.1HIGH

Key Information:

Vendor: Amd
Status: Amd Radeon Software
Vendor: CVE Published:; 15 November 2021

Summary

An arbitrary write vulnerability exists in the AMD Graphics Driver for Windows 10 due to improper handling in the Escape 0x40010d function. Exploitation of this weakness may allow attackers to write to kernel memory, potentially leading to system instability or denial of service, jeopardizing the security and reliability of the Windows operating system.

Affected Version(s)

AMD Radeon Software Radeon Software < 20.7.1

AMD Radeon Software Radeon Pro Software for Enterprise < 21.Q2

References

https://www.amd.com/en/corporate/product-security/bulleti...

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2021
Vulnerability Reserved
May 15, 2020