Vulnerabilities > CVE-2020-6101 - Out-of-bounds Write vulnerability in AMD Radeon Directx 11 Driver Atidxx64.Dll 26.20.15019.19000

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

amd

CWE-787

NVD

Published: 2020-07-20

Updated: 2020-07-24

Summary

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered from a HYPER-V guest using the RemoteFX feature, leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly).

Vulnerable Configurations

Part	Description	Count
Application	Amd AMD Radeon Directx 11 Driver Atidxx64.Dll 26.20.15019.19000	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1041