{"id":58856,"date":"2020-10-08T11:52:31","date_gmt":"2020-10-08T09:52:31","guid":{"rendered":"https:\/\/www.planet3dnow.de\/cms\/?p=58856"},"modified":"2020-10-08T11:52:31","modified_gmt":"2020-10-08T09:52:31","slug":"amds-grafiktreiber-mit-potenzieller-schwachstelle-cve-2020-12911-bluescreen-bosd-moeglich","status":"publish","type":"post","link":"https:\/\/www.planet3dnow.de\/cms\/58856-amds-grafiktreiber-mit-potenzieller-schwachstelle-cve-2020-12911-bluescreen-bosd-moeglich\/","title":{"rendered":"AMDs Grafiktreiber mit potenzieller Schwachstelle (<span class=\"caps\">CVE-2020<\/span>\u201312911) \u2014 Bluescreen (<span class=\"caps\">BOSD<\/span>) m\u00f6glich"},"content":{"rendered":"<p>Auf der eige\u00adnen <a href=\"https:\/\/www.amd.com\/en\/corporate\/product-security\" target=\"_blank\" rel=\"noopener noreferrer\">Pro\u00addukt-Sicher\u00adheits\u00adsei\u00adte<\/a> infor\u00admiert <span class=\"caps\">AMD<\/span> \u00fcber eine Schwach\u00adstel\u00adle im Gra\u00adfik\u00adtrei\u00adber f\u00fcr Win\u00addows bzw. der <span class=\"caps\">ATIKMDAG<\/span>.<span class=\"caps\">SYS<\/span>, die beim Ent\u00adde\u00adcker <a href=\"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2020-1119\" target=\"_blank\" rel=\"noopener noreferrer\">Cis\u00adco Talos n\u00e4her beschrie\u00adben wird.<\/a> Die\u00adse kann einen Blue\u00adscreen (<span class=\"caps\">BOSD<\/span>) aus\u00adl\u00f6\u00adsen. Einen Fix plant <span class=\"caps\">AMD<\/span> aller\u00addings erst f\u00fcr das ers\u00adte Quar\u00adtal&nbsp;2021.<\/p>\n<blockquote><p><span class=\"dquo\">\u201c<\/span>This vul\u00adnerabi\u00adli\u00adty can be trig\u00adge\u00adred by exe\u00adcu\u00adting the&nbsp;<code>D3DKMTCreateAllocation<\/code>&nbsp;func\u00adtion with mal\u00adfor\u00admed data. This leads to an out-of-bounds read vul\u00adnerabi\u00adli\u00adty in <span class=\"caps\">AMD<\/span> <span class=\"caps\">ATIKMDAG<\/span>.<span class=\"caps\">SYS<\/span> driver.<\/p>\n<p>An atta\u00adcker can influence the read address for the&nbsp;<code>movzx<\/code>&nbsp;ope\u00adra\u00adti\u00adon by modi\u00adfy\u00ading the pay\u00adload for the&nbsp;<code>D3DKMTCreateAllocation<\/code>&nbsp;func\u00adtion, poten\u00adti\u00adal\u00adly lea\u00adding to an out-of-bound read vul\u00adnerabi\u00adli\u00adty and deni\u00adal of service.\u201d<\/p>\n<p>Quel\u00adle: Cis\u00adco&nbsp;Talos<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Laut Talos hat die Schwach\u00adstel\u00adle einen CVSSv3 Score von 7,1 (High \u2014 Stu\u00adfe 4 von 5) und wur\u00adde bereits am 7. Juli 2020 <span class=\"caps\">AMD<\/span> gemeldet.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Auf der eige\u00adnen <a href=\"https:\/\/www.amd.com\/en\/corporate\/product-security\" target=\"_blank\" rel=\"noopener noreferrer\">Pro\u00addukt-Sicher\u00adheits\u00adsei\u00adte<\/a> infor\u00admiert <span class=\"caps\">AMD<\/span> \u00fcber eine Schwach\u00adstel\u00adle im Gra\u00adfik\u00adtrei\u00adber f\u00fcr Win\u00addows bzw. der <span class=\"caps\">ATIKMDAG<\/span>.<span class=\"caps\">SYS<\/span>, die beim Ent\u00adde\u00adcker <a href=\"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2020-1119\" target=\"_blank\" rel=\"noopener noreferrer\">Cis\u00adco Talos n\u00e4her beschrie\u00adben wird.<\/a> Die\u00adse kann einen Blue\u00adscreen (<span class=\"caps\">BOSD<\/span>) aus\u00adl\u00f6\u00adsen. Einen Fix plant <span class=\"caps\">AMD<\/span> aller\u00addings erst f\u00fcr das ers\u00adte Quar\u00adtal 2021. (\u2026) <a class=\"moretag\" href=\"https:\/\/www.planet3dnow.de\/cms\/58856-amds-grafiktreiber-mit-potenzieller-schwachstelle-cve-2020-12911-bluescreen-bosd-moeglich\/\">Wei\u00adter\u00adle\u00adsen&nbsp;\u00bb<\/a><\/p>\n","protected":false},"author":593,"featured_media":41971,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"ngg_post_thumbnail":0,"footnotes":""},"categories":[12],"tags":[966,2079,1610],"class_list":["post-58856","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aktuelles","tag-amd","tag-radeon-software-adrenalin-edition","tag-sicherheitsluecke","entry"],"share_on_mastodon":{"url":"","error":""},"_links":{"self":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/58856","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/users\/593"}],"replies":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/comments?post=58856"}],"version-history":[{"count":2,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/58856\/revisions"}],"predecessor-version":[{"id":58858,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/58856\/revisions\/58858"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/media\/41971"}],"wp:attachment":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/media?parent=58856"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/categories?post=58856"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/tags?post=58856"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}