CVE-2020-12931

7.8HIGH

Key Information:

Vendor
Amd
Status
Amd Radeon Rx 5000 Series & Pro W5000 Series
Amd Ryzen(tm) Embedded R1000
Amd Ryzen(tm) Embedded R2000
Amd Ryzen(tm) Embedded 5000
Vendor
CVE Published:
9 November 2022

Summary

Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity.

Affected Version(s)

AMD Radeon RX 5000 Series & PRO W5000 Series AMD Radeon Software < 22.5.2

AMD Radeon RX 5000 Series & PRO W5000 Series AMD Radeon Pro Software Enterprise < 22.Q2

AMD Radeon RX 5000 Series & PRO W5000 Series Enterprise Driver < 22.10.20

References

https://www.amd.com/en/corporate/product-security/bulleti...
https://www.amd.com/en/corporate/product-security/bulleti...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.