cve/2019/CVE-2019-5049.md

CVE-2019-5049

Description

An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

POC

Reference

• https://talosintelligence.com/vulnerability_reports/TALOS-2019-0818
• https://talosintelligence.com/vulnerability_reports/TALOS-2019-0818

Github

• https://github.com/alphaSeclab/sec-daily-2019