{"id":"CVE-2014-5220","details":"The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root.","modified":"2026-04-10T03:44:42.301414Z","published":"2018-06-08T17:29:00Z","references":[{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=910500"},{"type":"WEB","url":"https://lists.opensuse.org/opensuse-updates/2015-02/msg00069.html"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}