AMD beseitigte zahlreiche Sicherheitsl체cken im Grafiktreiber f체r Windows 10

In einem in die짯ser Woche erschie짯ne짯nen Secu짯ri짯ty Bul짯le짯tin hat AMD ins짯ge짯samt 27 Sicher짯heits짯l체짯cken im Gra짯fik짯trei짯ber f체r Win짯dows 10 auf짯ge짯f체hrt, von denen man die meis짯ten bereits im Jahr 2020 besei짯tigt hat. Zwei davon wur짯den aller짯dings erst mit der Ver짯si짯on 21.4.1 ange짯gan짯gen und besit짯zen jeweils die Ein짯stu짯fung 쏦och.

Es emp짯fiehlt sich also nicht nur wegen der bei짯den letzt짯ge짯nann짯ten Sicher짯heits짯l체짯cken, CVE-202012960 und CVE-202012981, oder zum Bei짯spiel wegen der Per짯for짯mance짯ver짯bes짯se짯run짯gen im gestern erschie짯ne짯nen Rade짯on Soft짯ware Adre짯na짯lin 21.11.2 den Gra짯fik짯trei짯ber aktu짯ell zu halten.

In a com짯pre짯hen짯si짯ve ana짯ly짯sis of the AMD Escape calls, a poten짯ti짯al set of weak짯ne짯s짯ses in seve짯ral APIs was dis짯co짯ver짯ed, which could result in escala짯ti짯on of pri짯vi짯le짯ge, deni짯al of ser짯vice, infor짯ma짯ti짯on dis짯clo짯sure, KASLR bypass, or arbi짯tra짯ry wri짯te to ker짯nel memory.

Quel짯le: AMD Secu짯ri짯ty Bul짯le짯tin: AMD-SB-1000

Nach짯fol짯gend noch die Lis짯te mit allen 27 Sicherheitsl체cken:

CVE Seve짯ri짯ty Descrip짯ti짯on
CVE-202012902 High Arbi짯tra짯ry Decre짯ment Pri짯vi짯le짯ge Escala짯ti짯on in AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to escala짯ti짯on of pri짯vi짯le짯ge or deni짯al of service.
CVE-202012891 High AMD Rade짯on Soft짯ware  may be vul짯nerable to DLL Hijack짯ing through path varia짯ble. An  unpri짯vi짯le짯ged user may be able to drop its mali짯cious DLL file in any loca짯ti짯on which is in path envi짯ron짯ment variable. 
CVE-202012892 High An untrus짯ted search path in AMD Rade짯on set짯tings Instal짯ler may lead to a pri짯vi짯le짯ge escala짯ti짯on or unaut짯ho짯ri짯zed code execution.
CVE-202012893 High Stack Buf짯fer Over짯flow in AMD Gra짯phics Dri짯ver for Win짯dows 10 in Escape 0x15002a may lead to escala짯ti짯on of pri짯vi짯le짯ge or deni짯al of service.
CVE-202012894 High Arbi짯tra짯ry Wri짯te in AMD Gra짯phics Dri짯ver for Win짯dows 10 in Escape 0x40010d may lead to arbi짯tra짯ry wri짯te to ker짯nel memo짯ry or deni짯al of service.
CVE-202012895 High Pool/Heap Over짯flow in AMD Gra짯phics Dri짯ver for Win짯dows 10 in Escape 0x110037 may lead to   escala짯ti짯on of pri짯vi짯le짯ge, infor짯ma짯ti짯on dis짯clo짯sure or deni짯al of service.
CVE-202012898 High Stack Buf짯fer Over짯flow in AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to escala짯ti짯on of pri짯vi짯le짯ge or deni짯al of service.
CVE-202012901 High Arbi짯tra짯ry Free After Use in AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to KASLR bypass or infor짯ma짯ti짯on disclosure.
CVE-202012903 High Out of Bounds Wri짯te and Read in AMD Gra짯phics Dri짯ver for Win짯dows 10 in Escape 0x6002d03 may lead to escala짯ti짯on of pri짯vi짯le짯ge or deni짯al of service.
CVE-202012900 High An arbi짯tra짯ry wri짯te vul짯nerabi짯li짯ty in the AMD Rade짯on Gra짯phics Dri짯ver for Win짯dows 10 poten짯ti짯al짯ly allows unpri짯vi짯le짯ged users to gain Escala짯ti짯on of Pri짯vi짯le짯ges and cau짯se Deni짯al of Service.
CVE-202012929 High Impro짯per para짯me짯ters vali짯da짯ti짯on in some trus짯ted appli짯ca짯ti짯ons of the PSP con짯tai짯ned in the AMD Gra짯phics Dri짯ver may allow a local atta짯cker to bypass secu짯ri짯ty rest짯ric짯tions and achie짯ve arbi짯tra짯ry code execution.
CVE-202012960 High AMD Gra짯phics Dri짯ver for Win짯dows 10, amdfender.sys may impro짯per짯ly hand짯le input vali짯da짯ti짯on on Input짯Buf짯fer which may result in a deni짯al of ser짯vice (DoS).
CVE-202012980 High An out of bounds wri짯te and read vul짯nerabi짯li짯ty in the AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to escala짯ti짯on of pri짯vi짯le짯ge or deni짯al of service.
CVE-202012981 High An insuf짯fi짯ci짯ent input vali짯da짯ti짯on in the AMD Gra짯phics Dri짯ver for Win짯dows 10 may allow unpri짯vi짯le짯ged users to unload the dri짯ver, poten짯ti짯al짯ly caus짯ing memo짯ry cor짯rup짯ti짯ons in high pri짯vi짯le짯ged pro짯ces짯ses, which can lead to escala짯ti짯on of pri짯vi짯le짯ges or deni짯al of service.
CVE-202012982 High An inva짯lid object poin짯ter free vul짯nerabi짯li짯ty in the AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to escala짯ti짯on of pri짯vi짯le짯ge or deni짯al of service.
CVE-202012983 High An out of bounds wri짯te vul짯nerabi짯li짯ty in the AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to escala짯ti짯on of pri짯vi짯le짯ges or deni짯al of service.
CVE-202012985 High An insuf짯fi짯ci짯ent poin짯ter vali짯da짯ti짯on vul짯nerabi짯li짯ty in the AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to escala짯ti짯on of pri짯vi짯le짯ge or deni짯al of service.
CVE-202012986 High An insuf짯fi짯ci짯ent poin짯ter vali짯da짯ti짯on vul짯nerabi짯li짯ty in the AMD Gra짯phics Dri짯ver for Win짯dows 10 may cau짯se arbi짯tra짯ry code exe짯cu짯ti짯on in the ker짯nel, lea짯ding to escala짯ti짯on of pri짯vi짯le짯ge or deni짯al of service.
CVE-202012962 Medi짯um Escape call inter짯face in the AMD Gra짯phics Dri짯ver for Win짯dows may cau짯se pri짯vi짯le짯ge escalation.
CVE-202012904 Medi짯um Out of Bounds Read in AMD Gra짯phics Dri짯ver for Win짯dows 10 in Escape 0x3004203 may lead to arbi짯tra짯ry infor짯ma짯ti짯on disclosure.
CVE-202012905 Medi짯um Out of Bounds Read in AMD Gra짯phics Dri짯ver for Win짯dows 10 in Escape 0x3004403 may lead to arbi짯tra짯ry infor짯ma짯ti짯on disclosure.
CVE-202012964 Medi짯um A poten짯ti짯al pri짯vi짯le짯ge escalation/denial of ser짯vice issue exists in the AMD Rade짯on Ker짯nel Mode dri짯ver Escape 0x2000c00 Call hand짯ler. An atta짯cker with low pri짯vi짯le짯ge could poten짯ti짯al짯ly indu짯ce a Win짯dows Bug짯Check or wri짯te to leak information.
CVE-202012987 Medi짯um A heap infor짯ma짯ti짯on leak/kernel pool address dis짯clo짯sure vul짯nerabi짯li짯ty in the AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to KASLR bypass.
CVE-202012920 Medi짯um A poten짯ti짯al deni짯al of ser짯vice issue exists in the AMD Dis짯play dri짯ver Escape 0x130007 Call hand짯ler. An atta짯cker with low pri짯vi짯le짯ge could poten짯ti짯al짯ly indu짯ce a Win짯dows BugCheck
CVE-202012899 Medi짯um Arbi짯tra짯ry Read in AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to KASLR bypass or deni짯al of service.
CVE-202012897 Medi짯um Ker짯nel Pool Address dis짯clo짯sure in AMD Gra짯phics Dri짯ver for Win짯dows 10 may lead to KASLR bypass.
CVE-202012963 Medi짯um An insuf짯fi짯ci짯ent poin짯ter vali짯da짯ti짯on vul짯nerabi짯li짯ty in the AMD Gra짯phics Dri짯ver for Win짯dows may allow unpri짯vi짯le짯ged users to com짯pro짯mi짯se the system.