CVE-2020-12901: Use After Free
First published: Tue Nov 09 2021(Updated: )
Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure.
Credit: psirt@amd.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| AMD Radeon Software | <20.7.1 | |
| Microsoft Windows 10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID is CVE-2020-12901.
What is the title of this vulnerability?
The title of this vulnerability is "Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure."
What is the affected software for this vulnerability?
The affected software is AMD Radeon Software up to version 20.7.1.
What is the severity rating for this vulnerability?
The severity rating for this vulnerability is 5.5 (medium).
How can this vulnerability lead to KASLR bypass or information disclosure?
This vulnerability allows arbitrary free after use in the AMD Graphics Driver, which can be exploited to bypass KASLR (Kernel Address Space Layout Randomization) or disclose sensitive information.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/amd
- canonical/amd radeon software
- vendor/microsoft
- canonical/microsoft windows 10