Vulnerability Details CVE-2019-5049
An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.8%
CVSS Severity
CVSS v3 Score 10.0
CVSS v2 Score 7.5
References
Products affected by CVE-2019-5049
-
cpe:2.3:h:amd:radeon_550:-
-
cpe:2.3:h:amd:radeon_rx_550:-
-
cpe:2.3:h:amd:radeon_rx_550x:-
-
cpe:2.3:o:amd:radeon_550_firmware:25.20.15031.5004
-
cpe:2.3:o:amd:radeon_550_firmware:25.20.15031.9002
-
cpe:2.3:o:amd:radeon_rx_550_firmware:25.20.15031.5004
-
cpe:2.3:o:amd:radeon_rx_550_firmware:25.20.15031.9002
-
cpe:2.3:o:amd:radeon_rx_550x_firmware:25.20.15031.5004
-
cpe:2.3:o:amd:radeon_rx_550x_firmware:25.20.15031.9002