3 results (0.002 seconds)

CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0

Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a priviledged user to potentially enable denial of service via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root. El script mdcheck del paquete mdadm para openSUSE 13.2 en versiones anteriores a 3.3.1-5.14.1 no sanea correctamente los nombres de dispositivo, lo que permite que atacantes locales ejecuten comandos arbitrarios como root. • https://bugzilla.suse.com/show_bug.cgi?id=910500 https://lists.opensuse.org/opensuse-updates/2015-02/msg00069.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •