Bugzilla – Bug 1214244
VUL-0: CVE-2023-28736: mdadm: Buffer overflow may allow a privileged user to potentially enable escalation of privilege via local access.
Last modified: 2023-10-04 03:43:05 UTC
CVE-2023-28736 Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28736 https://bugzilla.redhat.com/show_bug.cgi?id=2231424 https://www.cve.org/CVERecord?id=CVE-2023-28736 http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html
The upstream commit is probably ced5fa8 ("mdadm: block creation with long names")
@Coly, Intel has not identified an individual commit, unfortunately. Please double-check my assessment in comment 2. I have created a submission with that patch for SLE15-SP3 already.
See also bug 1214245
Mariusz, can you please review comment 2?
Here is the fix: https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=ced5fa8b170ad448f4076e24a10c731b5cfb36ce Even if it seems serious, please be aware that is has been there for 10 years.. Mariusz
Ok, I guessed correctly :-) thanks.
SUSE-SU-2023:3691-1: An update that solves two vulnerabilities and has one security fix can now be installed. Category: security (moderate) Bug References: 1214244, 1214245, 1214974 CVE References: CVE-2023-28736, CVE-2023-28938 Sources used: SUSE Linux Enterprise High Performance Computing 12 SP5 (src): mdadm-4.1-4.29.1 SUSE Linux Enterprise Server 12 SP5 (src): mdadm-4.1-4.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): mdadm-4.1-4.29.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:3953-1: An update that solves two vulnerabilities can now be installed. Category: security (moderate) Bug References: 1214244, 1214245 CVE References: CVE-2023-28736, CVE-2023-28938 Sources used: SUSE Linux Enterprise Micro for Rancher 5.3 (src): mdadm-4.1-150300.24.33.1 SUSE Linux Enterprise Micro 5.3 (src): mdadm-4.1-150300.24.33.1 SUSE Linux Enterprise Micro for Rancher 5.4 (src): mdadm-4.1-150300.24.33.1 SUSE Linux Enterprise Micro 5.4 (src): mdadm-4.1-150300.24.33.1 Basesystem Module 15-SP4 (src): mdadm-4.1-150300.24.33.1 SUSE Manager Proxy 4.2 (src): mdadm-4.1-150300.24.33.1 SUSE Manager Retail Branch Server 4.2 (src): mdadm-4.1-150300.24.33.1 SUSE Manager Server 4.2 (src): mdadm-4.1-150300.24.33.1 SUSE Linux Enterprise Micro 5.1 (src): mdadm-4.1-150300.24.33.1 SUSE Linux Enterprise Micro 5.2 (src): mdadm-4.1-150300.24.33.1 SUSE Linux Enterprise Micro for Rancher 5.2 (src): mdadm-4.1-150300.24.33.1 openSUSE Leap 15.4 (src): mdadm-4.1-150300.24.33.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.