AMD has published a list of 27 vulnerabilities contained in the AMD Graphics Driver for Windows 10. 18 of them were assigned a high risk factor, while 9 vulnerabilities are categorized as medium risk. Updates have been released for the vulnerabilities.
The vulnerabilities, AMD said, could allow privilege escalation or a denial of service to occur on affected systems, or make information accessible to malicious parties seeking to exploit unpatched systems. Some vulnerabilities also allow access to kernel memory. AMD reports that the vulnerabilities will be fixed via updates in Radeon Software and Radeon Pro Software for Enterprise. All mentioned issues have been resolved as of AMD Radeon Software version number 21.4.1. That update dates back to spring.
The company also recently published a list of 22 vulnerabilities it found in the first, second, and third generations of its EPYC server processors. The vulnerabilities reside in AMD Platform Security Processor, AMD System Management Unit, and AMD Secure Encrypted Virtualization. Four vulnerabilities on this list were identified as high risk. All vulnerabilities can be fixed by updating AMD’s Agesa software. The company released these updates to the OEMs of EPYC systems and asks users to contact them.