Search criteria
2 vulnerabilities found for Radeon Software by AMD
CVE-2020-12891 (GCVE-0-2020-12891)
Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 17:33
VLAI?
Summary
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable.
Severity ?
No CVSS data available.
CWE
- TBD
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| AMD | Radeon Software |
Affected:
Radeon Driver , < 21.4.1
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.4.1",
"status": "affected",
"version": "Radeon Driver",
"versionType": "custom"
}
]
},
{
"product": "Radeon Pro Software for Enterprise",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Enterprise Driver",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "TBD",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T22:29:12",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:30:00.000Z",
"ID": "CVE-2020-12891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Driver",
"version_value": "21.4.1"
}
]
}
},
{
"product_name": "Radeon Pro Software for Enterprise",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Enterprise Driver",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TBD"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12891",
"datePublished": "2022-02-04T22:29:12.020774Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T17:33:32.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12891 (GCVE-0-2020-12891)
Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-16 17:33
VLAI?
Summary
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable.
Severity ?
No CVSS data available.
CWE
- TBD
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| AMD | Radeon Software |
Affected:
Radeon Driver , < 21.4.1
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Radeon Software",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.4.1",
"status": "affected",
"version": "Radeon Driver",
"versionType": "custom"
}
]
},
{
"product": "Radeon Pro Software for Enterprise",
"vendor": "AMD",
"versions": [
{
"lessThan": "21.Q2",
"status": "affected",
"version": "Enterprise Driver",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "TBD",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T22:29:12",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
],
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:30:00.000Z",
"ID": "CVE-2020-12891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Radeon Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Radeon Driver",
"version_value": "21.4.1"
}
]
}
},
{
"product_name": "Radeon Pro Software for Enterprise",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Enterprise Driver",
"version_value": "21.Q2"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TBD"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
}
]
},
"source": {
"advisory": "AMD-SB-1000",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2020-12891",
"datePublished": "2022-02-04T22:29:12.020774Z",
"dateReserved": "2020-05-15T00:00:00",
"dateUpdated": "2024-09-16T17:33:32.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}