Denial of Service Vulnerability in AMD ATIKMDAG.SYS Driver
CVE-2020-12911

5.5MEDIUM

Key Information:

Vendor: Amd
Status: Amd Graphics Driver For Windows
Vendor: CVE Published:; 13 October 2020

Summary

A vulnerability exists within the AMD ATIKMDAG.SYS driver related to the D3DKMTCreateAllocation handler. This flaw can be exploited by sending a specially crafted D3DKMTCreateAllocation API request, which may trigger an out-of-bounds read. The result could lead to a denial of service condition, potentially causing system instability and a Blue Screen of Death (BSOD) error. The issue can be exploited from a non-privileged user account, thereby increasing the risk for end users.

Affected Version(s)

AMD Graphics Driver for Windows Fixed in version 20.50 and later

References

https://www.amd.com/en/corporate/product-security

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2020
Vulnerability Reserved
May 15, 2020