AMD Graphics Drivers Have a CreateAllocation Security Vulnerability

AleksandarK · Oct 8, 2020

Discovering vulnerabilities in software is not an easy thing to do. There are many use cases and states that need to be tested to see a possible vulnerability. Still, security researchers know how to find those and they usually report it to the company that made the software. Today, AMD has disclosed that there is a vulnerability present in the company graphics driver powering the GPUs and making them work on systems. Called CreateAllocation (CVE-2020-12911), the vulnerability is marked with a score of 7.1 in the CVSSv3 test results, meaning that it is not a top priority, however, it still represents a big problem.

"A denial-of-service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS 26.20.15029.27017. A specially crafted D3DKMTCreateAllocation API request can cause an out-of-bounds read and denial of service (BSOD). This vulnerability can be triggered from a guest account, " says the report about the vulnerability. AMD states that a temporary fix is implemented by simply restarting your computer if a BSOD happens. The company also declares that "confidential information and long-term system functionality are not impacted". AMD plans to release a fix for this software problem sometime in 2021 with the new driver release. You can read more about it here.

View at TechPowerUp Main Site

hellrazor · Oct 8, 2020

So the driver tries to read memory it's not supposed to and then segfaults the way it's supposed to. I'm not saying it isn't a bug, but I feel like there are easier ways to go about crashing a system.

Sihastru · Oct 8, 2020

AMD states that a fix is implemented by simply restarting your computer if a BSOD happens.

Have you tried turning it off and on again?

arbiter · Oct 8, 2020

Sihastru said:
Have you tried turning it off and on again?

and fix won't be for months so many turning it off and on agains? anywhere from 2 months to 14 months.

AMD plans to release a fix for this software problem sometime in 2021 with the new driver release.

TheoneandonlyMrK · Oct 8, 2020

arbiter said:
and fix won't be for months so many turning it off and on agains? anywhere from 2 months to 14 months.

Has it been exploited, is it prevalent , why has my Vega ran without BSOD for two years if it has been?.

ShurikN · Oct 8, 2020

AMD states that a temporary fix is implemented by simply restarting your computer if a BSOD happens.

What else are you gonna do if a BSOD happens...

Kohl Baas · Oct 8, 2020

ShurikN said:
What else are you gonna do if a BSOD happens...

Try Crtl+Alt+Kick... :laugh:

Steevo · Oct 8, 2020

They coming to steal your texture caches and your color data, lock your computer!!

R-T-B · Oct 9, 2020

theoneandonlymrk said:
Has it been exploited, is it prevalent , why has my Vega ran without BSOD for two years if it has been?.

Jumping straight the defense I see.

To answer your questions in order, probably somewhere, no not at all, and who the feck knows or cares?

GoldenX · Oct 9, 2020

I'm not sure what's the point of this. You can force a BSOD with any GPU driver if you trigger the right feature or extension in the wrong way.
Hell, just call a compute shader and write trash on occupied VRAM, instant BSOD.

TheoneandonlyMrK · Oct 9, 2020

R-T-B said:
Jumping straight the defense I see.

To answer your questions in order, probably somewhere, no not at all, and who the feck knows or cares?

Just toeing the Typical line, I would say the same thing for Xe or Ampere.

RJARRRPCGP · Oct 10, 2020

That's the same bugcheck code as RAM corruption, like loss of RAM stability.

Good to know, or else I would have thought that I have a RAM problem.

MagnuTron · Oct 12, 2020

Honestly, compared to the NV driver stack the ATI based counter-parts are a bit of an attrocity. Not that the drivers arent good, they can work no issues, but when you delve into the package payload, the amount of CCC.exe remnants that exist are still too much. The drivers don't even have a silent-install flag, because they call on so many processes. It's sad.

System Name	Eldritch
Processor	AMD Ryzen 5 5800X3D
Motherboard	ASUS TUF X570 Pro Wifi
Cooling	Satan's butthole after going to Taco Bell
Memory	64 GB G.Skill TridentZ
Video Card(s)	Vega 56
Storage	68TB Western Digital Blues in RAID 6, 2512 GB Samsung 960 Pros
Display(s)	Acer CB281HK
Case	Phanteks Enthoo Pro PH-ES614P_BK
Audio Device(s)	ASUS Xonar DX
Power Supply	EVGA Supernova 750 G2
Mouse	Razer Viper 8K
Software	Debian Bullseye

System Name	Prometheus
Processor	AMD Ryzen 9 5950x
Motherboard	ASUS ROG Strix B550-I Gaming
Cooling	EKWB EK-240 AIO D-RGB
Memory	G.Skill Trident Z Neo 32GB
Video Card(s)	MSI RTX 4070Ti Ventus 3X OC 12GB
Storage	WD Black SN850 1TB + 1 x Samsung 970 Evo Plus 2TB
Display(s)	DELL U4320Q 4K + Wacom Cintiq Pro 16 4K
Case	Jonsbo A4 ver1.1 SFF
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Corsair SF750 Platinum SFX
Mouse	Logitech Pro Wireless
Keyboard	Vortex Race 3 75% MX Brown
Software	Windows 11 Pro x64

Processor	i7-13700k
Motherboard	Asus Tuf Gaming z790-plus
Cooling	Coolermaster Hyper 212 RGB
Memory	Corsair Vengeance RGB 32GB DDR5 7000mhz
Video Card(s)	Asus Dual Geforce RTX 4070 Super ( 2800mhz @ 1.0volt, ~60mhz overlock -.1volts. 180-190watt draw)
Storage	1x Samsung 980 Pro PCIe4 NVme, 2x Samsung 1tb 850evo SSD, 3x WD drives, 2 seagate
Display(s)	Acer Predator XB273u 27inch IPS G-Sync 165hz
Power Supply	Corsair RMx Series RM850x (OCZ Z series PSU retired after 13 years of service)
Mouse	Logitech G502 hero
Keyboard	Logitech G710+

System Name	RyzenGtEvo/ Asus strix scar II
Processor	Amd R5 5900X/ Intel 8750H
Motherboard	Crosshair hero8 impact/Asus
Cooling	360EK extreme rad+ 360$EK slim all push, cpu ek suprim Gpu full cover all EK
Memory	Corsair Vengeance Rgb pro 3600cas14 16Gb in four sticks./16Gb/16GB
Video Card(s)	Powercolour RX7900XT Reference/Rtx 2060
Storage	Silicon power 2TB nvme/8Tb external/1Tb samsung Evo nvme 2Tb sata ssd/1Tb nvme
Display(s)	Samsung UAE28"850R 4k freesync.dell shiter
Case	Lianli 011 dynamic/strix scar2
Audio Device(s)	Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply	corsair 1200Hxi/Asus stock
Mouse	Roccat Kova/ Logitech G wireless
Keyboard	Roccat Aimo 120
VR HMD	Oculus rift
Software	Win 10 Pro
Benchmark Scores	8726 vega 3dmark timespy/ laptop Timespy 6506

Processor	Ryzen 5600
Motherboard	X570 I Aorus Pro
Cooling	Deepcool AG400
Memory	HyperX Fury 2 x 8GB 3200 CL16
Video Card(s)	RX 6700 10GB SWFT 309
Storage	SX8200 Pro 512 / NV2 512
Display(s)	24G2U
Case	NR200P
Power Supply	Ion SFX 650
Mouse	G703 (TTC Gold 60M)
Keyboard	Keychron V1 (Akko Matcha Green) / Apex m500 (Gateron milky yellow)
Software	W10

System Name	My Addiction
Processor	AMD Ryzen 7950X3D
Motherboard	ASRock B650E PG-ITX WiFi
Cooling	Alphacool Core Ocean T38 AIO 240mm
Memory	G.Skill 32GB 6000MHz
Video Card(s)	Sapphire Pulse 7900XTX
Storage	Some SSDs
Display(s)	42" Samsung TV + 22" Dell monitor vertically
Case	Lian Li A4-H2O
Audio Device(s)	Denon + Bose
Power Supply	Corsair SF750
Mouse	Logitech
Keyboard	Glorious
VR HMD	None
Software	Win 10
Benchmark Scores	None taken

System Name	Compy 386
Processor	7800X3D
Motherboard	Asus
Cooling	Air for now.....
Memory	64 GB DDR5 6400Mhz
Video Card(s)	7900XTX 310 Merc
Storage	Samsung 990 2TB, 2 SP 2TB SSDs and over 10TB spinning
Display(s)	56" Samsung 4K HDR
Audio Device(s)	ATI HDMI
Mouse	Logitech MX518
Keyboard	Razer
Software	A lot.
Benchmark Scores	Its fast. Enough.

System Name	Pioneer
Processor	Ryzen R9 7950X
Motherboard	GIGABYTE Aorus Elite X670 AX
Cooling	Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory	64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64

System Name	Ciel
Processor	AMD Ryzen R5 5600X
Motherboard	Asus Tuf Gaming B550 Plus
Cooling	ID-Cooling 224-XT Basic
Memory	2x 16GB Kingston Fury 3600MHz@3933MHz
Video Card(s)	Gainward Ghost 3060 Ti 8GB + Sapphire Pulse RX 6600 8GB
Storage	NVMe Kingston KC3000 2TB + NVMe Toshiba KBG40ZNT256G + HDD WD 4TB
Display(s)	AOC Q27G3XMN + Samsung S22F350
Case	Cougar MX410 Mesh-G
Audio Device(s)	Kingston HyperX Cloud Stinger Core 7.1 Wireless PC
Power Supply	Aerocool KCAS-500W
Mouse	EVGA X15
Keyboard	VSG Alnilam
Software	Windows 11

System Name	KHR-1
Processor	Ryzen 9 5900X
Motherboard	ASRock B550 PG Velocita (UEFI-BIOS P3.40)
Memory	32 GB G.Skill RipJawsV F4-3200C16D-32GVR
Video Card(s)	Sapphire Nitro+ Radeon RX 6750 XT
Storage	Western Digital Black SN850 1 TB NVMe SSD
Display(s)	Alienware AW3423DWF OLED-ASRock PG27Q15R2A (backup)
Case	Corsair 275R
Audio Device(s)	Technics SA-EX140 receiver with Polk VT60 speakers
Power Supply	eVGA Supernova G3 750W
Mouse	Logitech G Pro (Hero)
Software	Windows 11 Pro x64 23H2

System Name	NorthBlackGoldDream
Processor	Ryzen 7600X
Motherboard	Gigabyte B650M-DS3H
Cooling	Arctic Freezer II 240
Memory	16 GB DDR5-5200C40
Video Card(s)	GTX 1080 Ti 11 GB
Storage	1 TB NVMe PCIe 3.0
Display(s)	24.5" 240 Hz TN
Case	Fractal North Black Mesh
Power Supply	650W

AMD Graphics Drivers Have a CreateAllocation Security Vulnerability

News Editor