December 3, 2021

Eighteen excessive severity vulnerabilities remediated in AMD’s Radeon graphics driver packages


A sizzling potato: Graphics driver updates from GPU {hardware} producers are sometimes met with wholesome doses of pleasure and skepticism. Some customers look ahead to the potential recreation and utility assist, performance, or pure FPS a brand new package deal can present. Others are hesitant to take the leap for worry that the discharge may trigger extra issues than it solves. AMD’s newest safety bulletins have now proven the significance of holding their Radeon drivers up-to-date with a view to assist safety posture in addition to graphics capabilities.

The most recent batch of frequent vulnerabilities and exposures (CVEs) launched by Group Purple covers 27 driver-level safety findings, together with 18 high-severity vulnerabilities. Unintended escalation of privileges, DLL hijacking, and arbitrary code execution are among the many points brought on by the safety holes. Malicious actors profiting from these exploits could cause user-facing impacts starting from compromised data to finish information loss.

Fortuitously for AMD Radeon customers, many of those points have been addressed by the corporate’s final a number of driver releases. Starting with the Radeon 20.7.1 and the Radeon 21.Q1 Enterprise driver packages, AMD has efficiently mitigated most of those safety points, together with all 18 excessive severity CVEs. These releases and their potential to remediate related safety considerations current a wonderful case for end-users to evaluate and contemplate driver updates primarily based on extra than simply environment friendly information and picture processing by their GPUs.

Not too long ago found safety vulnerabilities are usually not restricted to AMD’s Radeon product line. The Register highlights greater than 70 vulnerabilities spanning all generations of AMD’s EPYC processors and Intel’s Wi-Fi, SSDs, and processors, together with the Pentium, Celeron, Atom, and Xeon product traces.

The safety points have been found and reported because of a number of researchers and organizations, together with vulnerability knowledgeable Ori Nimron, cybersecurity product developer CyberArk Labs, and several other others. Based mostly on AMD’s bulletins, any AMD GPU person operating Radeon Software program model 21.4.1, Radeon Professional Software program model 21.Q2 Enterprise driver, or increased, needs to be updated and shielded from the reported exploits.

Leave a Reply

Your email address will not be published. Required fields are marked *