Kernel Pool Address Disclosure in AMD Graphics Driver for Windows 10
CVE-2020-12897

5.5MEDIUM

Key Information:

Vendor: Amd
Status: Amd Radeon Software
Vendor: CVE Published:; 15 November 2021

What is CVE-2020-12897?

The AMD Graphics Driver for Windows 10 contains a vulnerability that allows a Kernel Pool Address disclosure. This issue may lead to a potential bypass of the Kernel Address Space Layout Randomization (KASLR) security feature, increasing the risk of further exploitation.

Affected Version(s)

AMD Radeon Software Radeon Software < 21.3.1

AMD Radeon Software Radeon Pro Software for Enterprise < 21.Q2

References

https://www.amd.com/en/corporate/product-security/bulleti...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2021
Vulnerability Reserved
May 15, 2020

Amd

What is CVE-2020-12897?

Affected Version(s)

References

CVSS V3.1

Timeline