PT-2021-7964 · Intel+3 · Intel(R) Ssd Tools+3

Published: 2021-12-03 · Updated: 2023-10-05 · CVE-2023-28736

CVSS v3.1: 6.7 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Intel(R) SSD Tools versions prior to mdadm-4.2-rc2

Description

The issue is related to a buffer overflow in the Intel(R) SSD Tools software, specifically in the mdadm utility, which is used for managing RAID arrays. This buffer overflow is caused by the lack of input validation, allowing a potential escalation of privilege via local access. An attacker could exploit this issue to gain access to confidential data, compromise data integrity, and cause a denial of service.

Recommendations

For versions prior to mdadm-4.2-rc2, update to version mdadm-4.2-rc2 or later to resolve the issue. As a temporary workaround, consider restricting local access to the system to minimize the risk of exploitation. Additionally, restrict the use of the mdadm utility until the update is applied.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

AZL-27938
AZL-34974
BDU:2023-07668
CVE-2023-28736
OESA-2023-1649
OPENSUSE-SU-2023_3953-1
SUSE-SU-2023:3691-1
SUSE-SU-2023:3953-1
SUSE-SU-2023_3691-1
SUSE-SU-2023_3953-1

Affected Products

Astra Linux
Debian
Intel(R) Ssd Tools
Suse