Vulnerability Details CVE-2019-5098
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.4%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 5.0
References
Products affected by CVE-2019-5098
-
cpe:2.3:a:vmware:workstation:15.0.0
-
cpe:2.3:h:amd:radeon_550:-
-
cpe:2.3:h:amd:radeon_rx_550:-
-
cpe:2.3:o:amd:radeon_550_firmware:26.20.13001.29010
-
cpe:2.3:o:amd:radeon_rx_550_firmware:26.20.13001.29010
-
cpe:2.3:o:microsoft:windows_10:-