Description
Insufficient verification of multiple header signatures while loading a Trusted Application (TA) may allow an attacker with privileges to gain code execution in that TA or the OS/kernel.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- AMD / AMD Radeon RX 5000 Series & PRO W5000 SeriesAMD Radeon Software – 22.5.2
- AMD / AMD Radeon RX 5000 Series & PRO W5000 SeriesAMD Radeon Pro Software Enterprise – 22.Q2
- AMD / AMD Radeon RX 5000 Series & PRO W5000 SeriesEnterprise Driver – 22.10.20
- AMD / AMD Radeon RX 6000 Series & PRO W6000 SeriesAMD Radeon Software – 22.5.2
- AMD / AMD Radeon RX 6000 Series & PRO W6000 SeriesAMD Radeon Pro Software Enterprise – 22.Q2
- AMD / AMD Radeon RX 6000 Series & PRO W6000 SeriesEnterprise Driver – 22.10.20