Vulnerabilites related to asrock - rgb_driver_firmware
CVE-2020-15368 (GCVE-0-2020-15368)
Vulnerability from cvelistv5
Published
2020-06-29 00:00
Modified
2024-08-04 13:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:15:20.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://codetector.org/post/asrock_rgb_driver/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/stong/CVE-2020-15368?tab=readme-ov-file"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-03T12:01:25.955238",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://codetector.org/post/asrock_rgb_driver/"
},
{
"url": "https://github.com/stong/CVE-2020-15368?tab=readme-ov-file"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-15368",
"datePublished": "2020-06-29T00:00:00",
"dateReserved": "2020-06-29T00:00:00",
"dateUpdated": "2024-08-04T13:15:20.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-06-29 21:15
Modified
2024-11-21 05:05
Severity ?
Summary
AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asrock | rgb_driver_firmware | - | |
| asrock | rgb_driver | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asrock:rgb_driver_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "307D23D4-91A6-416D-9714-CD44FB8051D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asrock:rgb_driver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD3312B9-78C8-4AD3-BCDF-B78704471D98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3."
},
{
"lang": "es",
"value": "La biblioteca AsrDrv103.sys en el ASRock RGB Driver no restringe apropiadamente el acceso desde el espacio de usuario, como es demostrado al desencadenar un fallo triple por medio de una petici\u00f3n de cero CR3"
}
],
"id": "CVE-2020-15368",
"lastModified": "2024-11-21T05:05:25.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-29T21:15:13.917",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://codetector.org/post/asrock_rgb_driver/"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/stong/CVE-2020-15368?tab=readme-ov-file"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://codetector.org/post/asrock_rgb_driver/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/stong/CVE-2020-15368?tab=readme-ov-file"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}