AMD closes leaks in Radeon drivers
AMD has released new drivers in the form of Adrenalin 2020 Edition 20.1.1 that close vulnerabilities in the Radeon driver files. The vulnerabilities allowed remote code execution, but only within VMware.
The four vulnerabilities were discovered by Talos, the security arm of Cisco. The company, together with AMD and VMware, ensured that its announcement coincided with the release of the new drivers. The vulnerabilities are labeled CVE-2019-5124, CVE-2019-5146, CVE-2019-5147, and CVE-2019-5183.
These are three out-of-bounds read vulnerabilities in versions of AMD atidxx64.dll, which can cause a denial of service, or crash, with a specially crafted pixel shader. More serious is CVE-2019-5183, a vulnerability in atidxx64.dll that could potentially lead to code execution. Theoretically, this could also be done via webGL, Talos thinks, in other words via a website.
A factor that limits the impact is that the vulnerability could only be exploited within a VMware environment. An attack could be carried out from VMware’s guest mode to hit a host.