Vulnerabilities > CVE-2019-5049 - Out-of-bounds Write vulnerability in AMD products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 6 | |
| Hardware | 3 |
Common Weakness Enumeration (CWE)
Talos
| id | TALOS-2019-0818 |
| last seen | 2019-11-09 |
| published | 2019-09-16 |
| reporter | Talos Intelligence |
| source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0818 |
| title | AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability |