PT-2021-7963 · Mdadm

Nimish Verma · Published 2021-07-27 · Updated 2023-10-05 · CVE-2023-28938

CVSS v3.1: 4.4 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Mdadm versions prior to 4.2-rc2

Description: The issue is uncontrolled resource consumption in Mdadm, the utility for managing RAID arrays. It could allow an attacker with local access to cause a denial of service. A privileged user may potentially exploit this issue.

Recommendations: Update Mdadm to version 4.2-rc2 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Mdadm utility to minimize the risk of exploitation.

Fix

DoS

Resource Exhaustion

Weakness Enumeration

Related Identifiers

AZL-27937
AZL-34975
BDU:2023-07643
CVE-2023-28938
OESA-2023-1647
OESA-2023-1648
OESA-2023-1649
OPENSUSE-SU-2023_3953-1
SUSE-SU-2023:3691-1
SUSE-SU-2023:3953-1

Affected Products

Astra Linux
Debian
Mdadm
Suse