CVE-2019-5183

An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

CVSS v3 9.0 CRITICAL
CVSS v2.0 6.8 MEDIUM

9.0^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.2 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0964	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:amd:atidxx64:26.20.13031.10003:::::::*
	cpe:2.3:a:amd:atidxx64:26.20.13031.15006:::::::*
	cpe:2.3:a:amd:atidxx64:26.20.13031.18002:::::::*

cpe:2.3:a:vmware:workstation:15.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-01-25 18:15

Updated : 2023-12-10 13:13

NVD link : CVE-2019-5183

Mitre link : CVE-2019-5183

CVE.ORG link : CVE-2019-5183

JSON object : View

Products Affected

vmware

workstation

amd

atidxx64

CWE

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

{"id": "CVE-2019-5183", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.2}]}, "published": "2020-01-25T18:15:12.490", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0964", "tags": ["Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-843"}]}], "descriptions": [{"lang": "en", "value": "An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de confusi\u00f3n de tipos explotable en el controlador AMD ATIDXX64.DLL, versiones 26.20.13031.10003, 26.20.13031.15006 y 26.20.13031.18002. Un sombreador de p\u00edxeles especialmente dise\u00f1ado puede causar un problema de confusi\u00f3n de tipos, conllevando a una potencial ejecuci\u00f3n de c\u00f3digo. Un atacante puede proporcionar un archivo de sombreador especialmente dise\u00f1ado para activar esta vulnerabilidad. Esta vulnerabilidad puede ser activada desde el VMware invitado, afectando al host VMware."}], "lastModified": "2020-01-30T15:13:23.527", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:amd:atidxx64:26.20.13031.10003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC82656D-2131-4934-9A1D-A51C78120B1E"}, {"criteria": "cpe:2.3:a:amd:atidxx64:26.20.13031.15006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5723683-8C9E-444E-A657-31BCF5F7E25C"}, {"criteria": "cpe:2.3:a:amd:atidxx64:26.20.13031.18002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F23D439-AB74-4CCD-BDC3-4980B78193E8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:workstation:15.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "83DF9A19-ED8A-4914-96FA-D156CA9AFBC5"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}