{"containers":{"cna":{"affected":[{"product":"AMD","vendor":"n/a","versions":[{"status":"affected","version":"AMD atidxx64.dll (26.20.15019.19000)"}]}],"descriptions":[{"lang":"en","value":"An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. A specially crafted pixel shader can cause memory corruption vulnerability. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability potentially could be triggered from guest machines running virtualization environments (ie. VMware, qemu, VirtualBox etc.) in order to perform guest-to-host escape - as it was demonstrated before (TALOS-2018-0533, TALOS-2018-0568, etc.). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly). This vulnerability was triggered from HYPER-V guest using RemoteFX feature leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process)."}],"problemTypes":[{"descriptions":[{"description":"out of bounds write","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-07-20T20:22:47.000Z","orgId":"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b","shortName":"talos"},"references":[{"tags":["x_refsource_MISC"],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1040"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"talos-cna@cisco.com","ID":"CVE-2020-6100","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"AMD","version":{"version_data":[{"version_value":"AMD atidxx64.dll (26.20.15019.19000)"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. A specially crafted pixel shader can cause memory corruption vulnerability. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability potentially could be triggered from guest machines running virtualization environments (ie. VMware, qemu, VirtualBox etc.) in order to perform guest-to-host escape - as it was demonstrated before (TALOS-2018-0533, TALOS-2018-0568, etc.). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly). This vulnerability was triggered from HYPER-V guest using RemoteFX feature leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process)."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"out of bounds write"}]}]},"references":{"reference_data":[{"name":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1040","refsource":"MISC","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1040"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T08:47:41.172Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1040"}]}]},"cveMetadata":{"assignerOrgId":"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b","assignerShortName":"talos","cveId":"CVE-2020-6100","datePublished":"2020-07-20T20:22:47.000Z","dateReserved":"2020-01-07T00:00:00.000Z","dateUpdated":"2024-08-04T08:47:41.172Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}