Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
Cisco Talos recently discovered a denial-of-service vulnerability in a specific dll inside of the AMD ATI Radeon line of video cards. This vulnerability can be triggered by supplying a malformed pixel
shader inside a VMware guest operating system. Such an attack can be triggered from VMware guest usermode to cause an out-of-bounds memory read on vmware-vmx.exe process on host, or theoretically through WEBGL.
In accordance with our coordinated disclosure policy, Cisco Talos worked with AMD to ensure that these issues are resolved and that an update is available for affected customers.
Vulnerability details
AMD ATI Radeon ATIDXX64.DLL shader functionality sincos denial-of-service vulnerability (TALOS-2019-0890/CVE-2019-5098)
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from a VMware guest, affecting VMware host.
Read the complete vulnerability advisory here for additional information.
Versions tested
Talos tested and confirmed that AMD ATIDXX64.DLL, version 26.20.13001.29010 running on the Radeon RX 550 / 550 Series inside of VMware Workstation 15 (15.1.0 build-13591040) with Windows 10 x64 as the guest VM.
Coverage
The following SNORTⓇ ru ..
Support the originator by clicking the read the rest link below.
