CVE-2023-28938
https://notcve.org/view.php?id=CVE-2023-28938
Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a priviledged user to potentially enable denial of service via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html • CWE-400: Uncontrolled Resource Consumption •
CVE-2023-28736
https://notcve.org/view.php?id=CVE-2023-28736
Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2014-5220
https://notcve.org/view.php?id=CVE-2014-5220
The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root. El script mdcheck del paquete mdadm para openSUSE 13.2 en versiones anteriores a 3.3.1-5.14.1 no sanea correctamente los nombres de dispositivo, lo que permite que atacantes locales ejecuten comandos arbitrarios como root. • https://bugzilla.suse.com/show_bug.cgi?id=910500 https://lists.opensuse.org/opensuse-updates/2015-02/msg00069.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •