{"id":63779,"date":"2021-10-26T07:09:23","date_gmt":"2021-10-26T05:09:23","guid":{"rendered":"https:\/\/www.planet3dnow.de\/cms\/?p=63779"},"modified":"2021-11-12T13:08:23","modified_gmt":"2021-11-12T12:08:23","slug":"amd-radeon-software-adrenalin-21-10-3","status":"publish","type":"post","link":"https:\/\/www.planet3dnow.de\/cms\/63779-amd-radeon-software-adrenalin-21-10-3\/","title":{"rendered":"AMD<\/span> beseitigte zahlreiche Sicherheitsl\u00fccken im Grafiktreiber f\u00fcr Windows 10"},"content":{"rendered":"

In einem in die\u00adser Woche erschie\u00adne\u00adnen Secu\u00adri\u00adty Bul\u00adle\u00adtin<\/a> hat AMD<\/span> ins\u00adge\u00adsamt 27 Sicher\u00adheits\u00adl\u00fc\u00adcken im Gra\u00adfik\u00adtrei\u00adber f\u00fcr Win\u00addows 10 auf\u00adge\u00adf\u00fchrt, von denen man die meis\u00adten bereits im Jahr 2020 besei\u00adtigt hat. Zwei davon wur\u00adden aller\u00addings erst mit der Ver\u00adsi\u00adon 21.4.1 ange\u00adgan\u00adgen und besit\u00adzen jeweils die Ein\u00adstu\u00adfung \u201cHoch\u201d.<\/p>\n

Es emp\u00adfiehlt sich also nicht nur wegen der bei\u00adden letzt\u00adge\u00adnann\u00adten Sicher\u00adheits\u00adl\u00fc\u00adcken, CVE-2020<\/span>\u201312960 und CVE-2020<\/span>\u201312981, oder zum Bei\u00adspiel wegen der Per\u00adfor\u00admance\u00adver\u00adbes\u00adse\u00adrun\u00adgen im gestern erschie\u00adne\u00adnen Trei\u00adber 21.11.2<\/a> die\u00adsen aktu\u00adell zu halten.<\/p>\n

\u201c<\/span>In a com\u00adpre\u00adhen\u00adsi\u00adve ana\u00adly\u00adsis of the AMD<\/span> Escape calls, a poten\u00adti\u00adal set of weak\u00adne\u00ads\u00adses in seve\u00adral APIs was dis\u00adco\u00adver\u00aded, which could result in escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge, deni\u00adal of ser\u00advice, infor\u00adma\u00adti\u00adon dis\u00adclo\u00adsure, KASLR<\/span> bypass, or arbi\u00adtra\u00adry wri\u00adte to ker\u00adnel memory.\u201d<\/p>\n

Quel\u00adle: AMD<\/span> Secu\u00adri\u00adty Bul\u00adle\u00adtin: AMD-SB-1000<\/span><\/a><\/p><\/blockquote>\n

Nach\u00adfol\u00adgend noch die Lis\u00adte mit allen 27 Sicherheitsl\u00fccken:<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
CVE<\/span><\/strong><\/td>\nSeve\u00adri\u00adty<\/strong><\/td>\nDescrip\u00adti\u00adon<\/strong><\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312902<\/td>\nHigh<\/td>\nArbi\u00adtra\u00adry Decre\u00adment Pri\u00advi\u00adle\u00adge Escala\u00adti\u00adon in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312891<\/td>\nHigh<\/td>\nAMD<\/span> Rade\u00adon Soft\u00adware  may be vul\u00adnerable to DLL<\/span> Hijack\u00ading through path varia\u00adble. An  unpri\u00advi\u00adle\u00adged user may be able to drop its mali\u00adcious DLL<\/span> file in any loca\u00adti\u00adon which is in path envi\u00adron\u00adment variable. <\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312892<\/td>\nHigh<\/td>\nAn untrus\u00adted search path in AMD<\/span> Rade\u00adon set\u00adtings Instal\u00adler may lead to a pri\u00advi\u00adle\u00adge escala\u00adti\u00adon or unaut\u00adho\u00adri\u00adzed code execution.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312893<\/td>\nHigh<\/td>\nStack Buf\u00adfer Over\u00adflow in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 in Escape 0x15002a may lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312894<\/td>\nHigh<\/td>\nArbi\u00adtra\u00adry Wri\u00adte in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 in Escape 0x40010d may lead to arbi\u00adtra\u00adry wri\u00adte to ker\u00adnel memo\u00adry or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312895<\/td>\nHigh<\/td>\nPool\/Heap Over\u00adflow in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 in Escape 0x110037 may lead to   escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge, infor\u00adma\u00adti\u00adon dis\u00adclo\u00adsure or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312898<\/td>\nHigh<\/td>\nStack Buf\u00adfer Over\u00adflow in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312901<\/td>\nHigh<\/td>\nArbi\u00adtra\u00adry Free After Use in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to KASLR<\/span> bypass or infor\u00adma\u00adti\u00adon disclosure.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312903<\/td>\nHigh<\/td>\nOut of Bounds Wri\u00adte and Read in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 in Escape 0x6002d03 may lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312900<\/td>\nHigh<\/td>\nAn arbi\u00adtra\u00adry wri\u00adte vul\u00adnerabi\u00adli\u00adty in the AMD<\/span> Rade\u00adon Gra\u00adphics Dri\u00adver for Win\u00addows 10 poten\u00adti\u00adal\u00adly allows unpri\u00advi\u00adle\u00adged users to gain Escala\u00adti\u00adon of Pri\u00advi\u00adle\u00adges and cau\u00adse Deni\u00adal of Service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312929<\/td>\nHigh<\/td>\nImpro\u00adper para\u00adme\u00adters vali\u00adda\u00adti\u00adon in some trus\u00adted appli\u00adca\u00adti\u00adons of the PSP<\/span> con\u00adtai\u00adned in the AMD<\/span> Gra\u00adphics Dri\u00adver may allow a local atta\u00adcker to bypass secu\u00adri\u00adty rest\u00adric\u00adtions and achie\u00adve arbi\u00adtra\u00adry code execution.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312960<\/td>\nHigh<\/td>\nAMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10, amdfender.sys may impro\u00adper\u00adly hand\u00adle input vali\u00adda\u00adti\u00adon on Input\u00adBuf\u00adfer which may result in a deni\u00adal of ser\u00advice (DoS).<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312980<\/td>\nHigh<\/td>\nAn out of bounds wri\u00adte and read vul\u00adnerabi\u00adli\u00adty in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312981<\/td>\nHigh<\/td>\nAn insuf\u00adfi\u00adci\u00adent input vali\u00adda\u00adti\u00adon in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may allow unpri\u00advi\u00adle\u00adged users to unload the dri\u00adver, poten\u00adti\u00adal\u00adly caus\u00ading memo\u00adry cor\u00adrup\u00adti\u00adons in high pri\u00advi\u00adle\u00adged pro\u00adces\u00adses, which can lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adges or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312982<\/td>\nHigh<\/td>\nAn inva\u00adlid object poin\u00adter free vul\u00adnerabi\u00adli\u00adty in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312983<\/td>\nHigh<\/td>\nAn out of bounds wri\u00adte vul\u00adnerabi\u00adli\u00adty in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adges or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312985<\/td>\nHigh<\/td>\nAn insuf\u00adfi\u00adci\u00adent poin\u00adter vali\u00adda\u00adti\u00adon vul\u00adnerabi\u00adli\u00adty in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312986<\/td>\nHigh<\/td>\nAn insuf\u00adfi\u00adci\u00adent poin\u00adter vali\u00adda\u00adti\u00adon vul\u00adnerabi\u00adli\u00adty in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may cau\u00adse arbi\u00adtra\u00adry code exe\u00adcu\u00adti\u00adon in the ker\u00adnel, lea\u00adding to escala\u00adti\u00adon of pri\u00advi\u00adle\u00adge or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312962<\/td>\nMedi\u00adum<\/td>\nEscape call inter\u00adface in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows may cau\u00adse pri\u00advi\u00adle\u00adge escalation.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312904<\/td>\nMedi\u00adum<\/td>\nOut of Bounds Read in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 in Escape 0x3004203 may lead to arbi\u00adtra\u00adry infor\u00adma\u00adti\u00adon disclosure.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312905<\/td>\nMedi\u00adum<\/td>\nOut of Bounds Read in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 in Escape 0x3004403 may lead to arbi\u00adtra\u00adry infor\u00adma\u00adti\u00adon disclosure.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312964<\/td>\nMedi\u00adum<\/td>\nA poten\u00adti\u00adal pri\u00advi\u00adle\u00adge escalation\/denial of ser\u00advice issue exists in the AMD<\/span> Rade\u00adon Ker\u00adnel Mode dri\u00adver Escape 0x2000c00 Call hand\u00adler. An atta\u00adcker with low pri\u00advi\u00adle\u00adge could poten\u00adti\u00adal\u00adly indu\u00adce a Win\u00addows Bug\u00adCheck or wri\u00adte to leak information.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312987<\/td>\nMedi\u00adum<\/td>\nA heap infor\u00adma\u00adti\u00adon leak\/kernel pool address dis\u00adclo\u00adsure vul\u00adnerabi\u00adli\u00adty in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to KASLR<\/span> bypass.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312920<\/td>\nMedi\u00adum<\/td>\nA poten\u00adti\u00adal deni\u00adal of ser\u00advice issue exists in the AMD<\/span> Dis\u00adplay dri\u00adver Escape 0x130007 Call hand\u00adler. An atta\u00adcker with low pri\u00advi\u00adle\u00adge could poten\u00adti\u00adal\u00adly indu\u00adce a Win\u00addows BugCheck<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312899<\/td>\nMedi\u00adum<\/td>\nArbi\u00adtra\u00adry Read in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to KASLR<\/span> bypass or deni\u00adal of service.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312897<\/td>\nMedi\u00adum<\/td>\nKer\u00adnel Pool Address dis\u00adclo\u00adsure in AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows 10 may lead to KASLR<\/span> bypass.<\/td>\n<\/tr>\n
CVE-2020<\/span>\u201312963<\/td>\nMedi\u00adum<\/td>\nAn insuf\u00adfi\u00adci\u00adent poin\u00adter vali\u00adda\u00adti\u00adon vul\u00adnerabi\u00adli\u00adty in the AMD<\/span> Gra\u00adphics Dri\u00adver for Win\u00addows may allow unpri\u00advi\u00adle\u00adged users to com\u00adpro\u00admi\u00adse the system.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

In einem in die\u00adser Woche erschie\u00adne\u00adnen Secu\u00adri\u00adty Bul\u00adle\u00adtin<\/a> hat AMD<\/span> ins\u00adge\u00adsamt 27 Sicher\u00adheits\u00adl\u00fc\u00adcken im Gra\u00adfik\u00adtrei\u00adber f\u00fcr Win\u00addows 10 auf\u00adge\u00adf\u00fchrt, von denen man die meis\u00adten bereits im Jahr 2020 besei\u00adtigt hat. Zwei davon wur\u00adden aller\u00addings erst mit der Ver\u00adsi\u00adon 21.4.1 ange\u00adgan\u00adgen und besit\u00adzen jeweils die Ein\u00adstu\u00adfung \u201cHoch\u201d. (\u2026) Wei\u00adter\u00adle\u00adsen \u00bb<\/a><\/p>\n","protected":false},"author":593,"featured_media":41971,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"ngg_post_thumbnail":0,"footnotes":""},"categories":[12,11,19],"tags":[966,2596,2333,658],"class_list":["post-63779","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aktuelles","category-news","category-treiber","tag-amd","tag-grafiktreiber","tag-security-fix","tag-windows-10","entry"],"share_on_mastodon":{"url":"","error":""},"_links":{"self":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/63779","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/users\/593"}],"replies":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/comments?post=63779"}],"version-history":[{"count":4,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/63779\/revisions"}],"predecessor-version":[{"id":63782,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/63779\/revisions\/63782"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/media\/41971"}],"wp:attachment":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/media?parent=63779"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/categories?post=63779"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/tags?post=63779"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}