AMD Radeon Graphics Cards Open VMware Workstations to Attack


Bug impacts VMware Workstation 15 running 64-bit versions of Windows 10 as the guest VM.

A remote code-execution bug exists in some configurations of the AMD Radeon graphics card that could allow an attacker to take control of a targeted system. The hack entails luring users of vulnerable systems to visit a specially crafted website that can deliver “a malformed pixel shader” to either a Radeon RX 550 or a Radeon 550 series graphics card.

The prerequisites for the attack limit the scope of those impacted. According to Cisco Talos, which found the bug in May, the vulnerability only exists on systems running VMware Workstation 15 with the 64-bit version of Windows 10 running as the guest VM.

“This vulnerability can be triggered by supplying a malformed pixel shader (inside VMware guest OS) to the AMD ATIDXX64.DLL driver. Such an attack can be triggered from a VMware guest usermode to cause a memory corruption on vmware-vmx.exe process on host, or theoretically through WEBGL (remote website),” according to the Talos Vulnerability Bulletin, published Monday.

The bug (CVE-2019-5049) has a critical Common Vulnerability Scoring System (CVSS) rating of 9.0 based on the v3.X standard. The “malformed pixel shader” refers to a type of computer graphics program that was originally used to shade pixels but is now responsible for more advanced video post-processing.

The vulnerability is a memory-corruption bug specifically impacting AMD’s ATIDXX64.DLL driver (versions 25.20.15031.5004 and 25.20.15031.9002). Using the malicious pixel shader, an attacker can cause an out-of-bounds memory write impacting not just the VM guest, but also the underlying host system.

The vulnerable code (sub_32B820), located in the AMD library ATIDXX64.DLL, is targeted by the attacker-supplied shader bytecode data. Due to a “lack of proper bounds checking, an attacker can partially control the calculation of the destination address, which leads to controlled memory corruption,” according to Piotr Bania of Cisco Talos, who discovered the vulnerability.

Bania discovered the bug May 8 and notified AMD a week later. AMD patched the bug on Monday, coinciding with the public disclosure of the vulnerability.
