Heap Information Leak in AMD Graphics Driver for Windows 10
CVE-2020-12987

5.5MEDIUM

Key Information:

Vendor: Amd
Status: Amd Radeon Software
Vendor: CVE Published:; 11 June 2021

Summary

A heap information leak vulnerability exists in the AMD Graphics Driver for Windows 10 that may allow attackers to disclose kernel pool addresses. This could facilitate a KASLR bypass, potentially exposing sensitive information and allowing further exploitation of the system. It is vital for users to apply the latest patches and updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

AMD Radeon Software Radeon Software < 20.7.1

AMD Radeon Software Radeon Pro Software for Enterprise < 21.Q2

References

https://www.amd.com/en/corporate/product-security/bulleti...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 11, 2021
Vulnerability Reserved
May 15, 2020