The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Lvm2 | Heinz_mauelshagen | * | 2.02.71 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.50 (including) | 2.02.50 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.51 (including) | 2.02.51 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.52 (including) | 2.02.52 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.53 (including) | 2.02.53 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.54 (including) | 2.02.54 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.55 (including) | 2.02.55 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.56 (including) | 2.02.56 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.57 (including) | 2.02.57 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.58 (including) | 2.02.58 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.59 (including) | 2.02.59 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.60 (including) | 2.02.60 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.61 (including) | 2.02.61 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.62 (including) | 2.02.62 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.63 (including) | 2.02.63 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.64 (including) | 2.02.64 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.65 (including) | 2.02.65 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.66 (including) | 2.02.66 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.67 (including) | 2.02.67 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.68 (including) | 2.02.68 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.69 (including) | 2.02.69 (including) |
Lvm2 | Heinz_mauelshagen | 2.02.70 (including) | 2.02.70 (including) |
Lvm2 | Ubuntu | dapper | * |
Lvm2 | Ubuntu | devel | * |
Lvm2 | Ubuntu | hardy | * |
Lvm2 | Ubuntu | jaunty | * |
Lvm2 | Ubuntu | karmic | * |
Lvm2 | Ubuntu | lucid | * |
Lvm2 | Ubuntu | upstream | * |
Red Hat Enterprise Linux 5 | RedHat | lvm2-cluster-0:2.02.56-7.el5_5.4 | * |