8.6
CWE
125
Advisory Published
Updated

CVE-2019-5098

First published: Thu Dec 05 2019(Updated: )

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Credit: talos-cna@cisco.com

Affected SoftwareAffected VersionHow to fix
VMware Workstation=15.0.0
Microsoft Windows 10
Amd Radeon Rx 550 Firmware=26.20.13001.29010
Amd Radeon Rx 550
Amd Radeon 550 Firmware=26.20.13001.29010
Amd Radeon 550

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2019-5098?

    CVE-2019-5098 is an exploitable out-of-bounds read vulnerability in the AMD ATIDXX64.DLL driver.

  • How does CVE-2019-5098 impact VMware Workstation 15.0.0?

    VMware Workstation 15.0.0 is affected by CVE-2019-5098 and can be exploited by a specially crafted shader file.

  • Is Microsoft Windows 10 vulnerable to CVE-2019-5098?

    No, Microsoft Windows 10 is not vulnerable to CVE-2019-5098.

  • How can I fix CVE-2019-5098 in the AMD Radeon RX 550 firmware version 26.20.13001.29010?

    To fix CVE-2019-5098 in the AMD Radeon RX 550 firmware version 26.20.13001.29010, update to the latest firmware version provided by AMD.

  • What is the severity rating of CVE-2019-5098?

    CVE-2019-5098 has a severity rating of 8.6 (high).

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203