Researchers at Cisco Talos have advertised that security vulnerabilities in some AMD ATI Radeon graphics cards may enable attackers to execute code from remotely or trigger a denial of service situation.
There have been a total of four security flaws, all of which affect the AMD ATIDXX64.DLL driver: three out – of-bound and one form of uncertainty issue. All four problems were patched by AMD.
Each of the first three CVE-2019-5124, CVE-2019-5147 and CVE-2019-5146 vulnerabilities has an 8.6 CVSS ranking.
To bring such security flaws out of bounds, an attacker needs to provide a specially crafted, malformed pixel shader.
Cisco Talos explains in a vulnerability report that this kind of attack can “trigger user mode” within the VMware guest to cause the out – of-bounds read in the vmware-vmx.exe process on a host or theoretically via WEBGL(remote website). “Cisco researchers tested and confirmed these vulnerabilities in the Radeon RX 550/550 series graphics version of AMD ATIDx64.DLL version26.20.13025.10004
The fourth prone concerns the AMD ATIDXX64.DLL module, versions 26.20.13031.10003, 26.20.13031.15006, and 26.20.13031.18002.
The confusion problem can be caused by a specially crafted pixel shader and could lead to the possible execution of code. An intruder will cause the VMware guest bug by supplying a shader file that is particularly designed.
“The vulnerability will be triggered in the vmware-vmx.exe process on host, or theoretically through WEBGL (remote website), leading to potential code execution (through a vtable type-confusion),” Cisco Talos explains.