Aggregates CVE and security vulnerability intelligence across all mdadm_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk denial of service and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-28938 | Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a priviledged user to potentially enable denial of service via local access. | [email protected] | 3.4 | 0.02% | 2023-08-11 | 2024-11-21 |
| CVE-2023-28736 | Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. | [email protected] | 5.7 | 0.05% | 2023-08-11 | 2024-11-21 |
| CVE-2014-5220 | The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root. | [email protected] | 7.8 | 0.16% | 2018-06-08 | 2024-11-21 |