DEBIAN-CVE-2023-28938

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2023-28938

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-28938.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-28938

Upstream

CVE-2023-28938

Published

2023-08-11T03:15:27.257Z

Modified

2025-11-20T10:16:35.415914Z

Severity

4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a priviledged user to potentially enable denial of service via local access.

References

https://security-tracker.debian.org/tracker/CVE-2023-28938

Affected packages

Debian:11 / mdadm

Package

Name: mdadm
Purl: pkg:deb/debian/mdadm?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.1-11

4.2~rc1-1

4.2~rc2-1

4.2~rc2-2~bpo11+1

4.2~rc2-2

4.2~rc2-3

4.2~rc2-4

4.2~rc2-5

4.2~rc2-6

4.2~rc2-7

4.2-1~bpo11+1

4.2-1

4.2-2

4.2-3

4.2-4

4.2-5

4.2+20230223-1

4.2+20230223-2

4.2+20230227-1

4.2+20230302-1

4.2+20230304-1

4.2+20230313-1

4.2+20230508-1

4.2+20230508-2

4.2+20230508-3

4.2+20230508-4

4.2+20230508-5

4.2+20230508-6

4.2+20230508-7

4.2+20230901-1

4.2+20231026-1

4.2+20231121-1

4.2+20240118-1

4.3-1

4.3+20240412-1

4.3+20240723-1

4.3+20240723-2

4.3+20241108-1

4.3+20241202-1

4.3+20241202-1.1

4.4-1

4.4-2

4.4-3

4.4-4

4.4-5

4.4-6

4.4-7

4.4-8

4.4-9

4.4-10

4.4-11

4.4-12

4.4-13

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-28938.json"

Debian:12 / mdadm

Package

Name: mdadm
Purl: pkg:deb/debian/mdadm?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2~rc2-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-28938.json"

Debian:13 / mdadm

Package

Name: mdadm
Purl: pkg:deb/debian/mdadm?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2~rc2-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-28938.json"

Debian:14 / mdadm

Package

Name: mdadm
Purl: pkg:deb/debian/mdadm?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2~rc2-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-28938.json"