Description
An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- AMD / Radeon™ PRO W5000 Series Graphics CardsVarious – Various
- AMD / Radeon™ PRO W6000 Series Graphics Cardsvarious – various
- AMD / Radeon™ PRO W7000 Series Graphics Cardsvarious – various
- AMD / Radeon™ RX 5000 Series Graphics Cardsvarious – various
- AMD / Radeon™ RX 6000 Series Graphics Cardsvarious – various
- AMD / Radeon™ RX 7000 Series Graphics Cardsvarious – various
- AMD / Ryzen™ 6000 Series Processors with Radeon™ Graphicsvarious – various
- AMD / Ryzen™ 7000 Series Processors with Radeon™ Graphicsvarious – various
- AMD / Ryzen™ 7020 Series Processors with Radeon™ Graphicsvarious – various
- AMD / Ryzen™ 7035 Series Processors with Radeon™ Graphicsvarious – various
- AMD / Ryzen™ 7040 Series Processors with Radeon™ Graphicsvarious – various
- AMD / Ryzen™ 7045 Series Processors with Radeon™ Graphicsvarious – various